4 matches found
CVE-2023-3906
CVE-2023-3906 describes an input validation issue in GitLab Enterprise Edition’s asset proxy that allows an authenticated attacker to craft image URLs to bypass the asset proxy. Affected versions are 12.3–16.2.7, 16.3.x before 16.3.5, and 16.4.x before 16.4.1. The vulnerability is active in GitLa...
CVE-2023-3906 Improper Validation of Specified Type of Input in GitLab
An input validation issue in the asset proxy in GitLab EE, affecting all versions from 12.3 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1, allowed an authenticated attacker to craft image urls which bypass the asset proxy...
CVE-2023-3906 Improper Validation of Specified Type of Input in GitLab
An input validation issue in the asset proxy in GitLab EE, affecting all versions from 12.3 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1, allowed an authenticated attacker to craft image urls which bypass the asset proxy...
GitLab 12.3 < 16.2.8 / 16.3 < 16.3.5 / 16.4 < 16.4.1 (CVE-2023-3906)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An input validation issue in the asset proxy in GitLab EE, affecting all versions from 12.3 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1, allowed an authenticated attacker to craft...