Lucene search
K

8 matches found

ATTACKERKB
ATTACKERKB
added 2023/06/07 5:15 p.m.5 views

CVE-2023-0508

An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 15.10.8, all versions starting from 15.11 before 15.11.7, all versions starting from 16.0 before 16.0.2. Open redirection was possible via HTTP response splitting in the NPM package API...

4.3CVSS5.8AI score0.00757EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2023/06/07 5:15 p.m.17 views

CVE-2023-0508

An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 15.10.8, all versions starting from 15.11 before 15.11.7, all versions starting from 16.0 before 16.0.2. Open redirection was possible via HTTP response splitting in the NPM package API...

4.3CVSS4.1AI score0.00757EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2023/06/07 12:0 a.m.6 views

CVE-2023-0508 Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 15.10.8, all versions starting from 15.11 before 15.11.7, all versions starting from 16.0 before 16.0.2. Open redirection was possible via HTTP response splitting in the NPM package API...

3.1CVSS4.4AI score0.00757EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2023/06/07 12:0 a.m.21 views

CVE-2023-0508

An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 15.10.8, all versions starting from 15.11 before 15.11.7, all versions starting from 16.0 before 16.0.2. Open redirection was possible via HTTP response splitting in the NPM package API...

4.3CVSS5.8AI score0.00757EPSS
Exploits0References2
OSV
OSV
added 2023/06/07 12:0 a.m.20 views

CVE-2023-0508 Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 15.10.8, all versions starting from 15.11 before 15.11.7, all versions starting from 16.0 before 16.0.2. Open redirection was possible via HTTP response splitting in the NPM package API...

3.1CVSS4.7AI score0.00757EPSS
Exploits0References5
CVE
CVE
added 2023/06/07 12:0 a.m.132 views

CVE-2023-0508

GitLab CE/EE contains a vulnerability: improper handling of HTTP header CRLF in the NPM package API allows an open redirect (HTTP response splitting). Affected versions are 15.4–15.10.8, 15.11–15.11.7, and 16.0–16.0.2. Remediations are provided in the cited advisories (patches: 15.10.8, 15.11.7, ...

4.3CVSS4.5AI score0.00757EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/06/07 12:0 a.m.26 views

FreeBSD : Gitlab -- Vulnerability (cdb5338d-04ec-11ee-9c88-001b217b3468)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the cdb5338d-04ec-11ee-9c88-001b217b3468 advisory. - A lack of length validation in GitLab CE/EE affecting all versions from 8.3 before 15.10.8,...

8.7CVSS6AI score0.96058EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2023/06/05 12:0 a.m.70 views

GitLab 12.9 < 15.10.8 / 15.11 < 15.11.7 / 16.0 < 16.0.2 (CVE-2023-0508)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 15.10.8, all versions starting from 15.11 before 15.11.7, all versions starting from 16.0 before 16.0.2...

4.3CVSS5.1AI score0.00757EPSS
Exploits0References4
Rows per page
Query Builder