7 matches found
CVE-2023-3950
An information disclosure issue in GitLab EE affecting all versions from 16.2 prior to 16.2.5, and 16.3 prior to 16.3.1 allowed other Group Owners to see the Public Key for a Google Cloud Logging audit event streaming destination, if configured. Owners can now only write the key, not read it...
GitLab 16.2 < 16.2.5 / 16.3 < 16.3.1 (CVE-2023-3950)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An information disclosure issue in GitLab EE affecting all versions from 16.2 prior to 16.2.5, and 16.3 prior to 16.3.1 allowed other Group Owners to see the Public Key for a Google Cloud Logging audi...
CVE-2023-3950
CVE-2023-3950 affects GitLab Enterprise Edition. The issue is an information disclosure where, prior to patch versions, any Group Owner could read the Public Key for a configured Google Cloud Logging audit event streaming destination. Affected are GitLab EE versions 16.2 up to, but not including,...
CVE-2023-3950 Cleartext Storage of Sensitive Information in GitLab
An information disclosure issue in GitLab EE affecting all versions from 16.2 prior to 16.2.5, and 16.3 prior to 16.3.1 allowed other Group Owners to see the Public Key for a Google Cloud Logging audit event streaming destination, if configured. Owners can now only write the key, not read it...
CVE-2023-3950
Removed by vendor...
CVE-2023-3950 Cleartext Storage of Sensitive Information in GitLab
An information disclosure issue in GitLab EE affecting all versions from 16.2 prior to 16.2.5, and 16.3 prior to 16.3.1 allowed other Group Owners to see the Public Key for a Google Cloud Logging audit event streaming destination, if configured. Owners can now only write the key, not read it...
CVE-2023-3950 Cleartext Storage of Sensitive Information in GitLab
An information disclosure issue in GitLab EE affecting all versions from 16.2 prior to 16.2.5, and 16.3 prior to 16.3.1 allowed other Group Owners to see the Public Key for a Google Cloud Logging audit event streaming destination, if configured. Owners can now only write the key, not read it...