8 matches found
CVE-2023-5600
An issue has been discovered in GitLab EE affecting all versions starting from 16.0 before 16.3.6, all versions starting from 16.4 before 16.4.2, all versions starting from 16.5 before 16.5.1. Arbitrary access to the titles of an private specific references could be leaked through the service-des...
CVE-2023-5600
An issue has been discovered in GitLab EE affecting all versions starting from 16.0 before 16.3.6, all versions starting from 16.4 before 16.4.2, all versions starting from 16.5 before 16.5.1. Arbitrary access to the titles of an private specific references could be leaked through the service-des...
CVE-2023-5600
creationtimestamp| type| source ---|---|--- 2025-06-20 19:43:33+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/19049 2025-06-20 21:54:07+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ls2znfclbr2i...
CVE-2023-5600
GitLab EE/CE CVE-2023-5600 affects GitLab EE versions 16.0+ up to before 16.3.6, 16.4 before 16.4.2, and 16.5 before 16.5.1. The issue is an improper access control allowing arbitrary access to the titles of private specific references via the service-desk custom email template. No exploit detail...
CVE-2023-5600 Missing Authorization in GitLab
An issue has been discovered in GitLab EE affecting all versions starting from 16.0 before 16.3.6, all versions starting from 16.4 before 16.4.2, all versions starting from 16.5 before 16.5.1. Arbitrary access to the titles of an private specific references could be leaked through the service-des...
CVE-2023-5600 Missing Authorization in GitLab
An issue has been discovered in GitLab EE affecting all versions starting from 16.0 before 16.3.6, all versions starting from 16.4 before 16.4.2, all versions starting from 16.5 before 16.5.1. Arbitrary access to the titles of an private specific references could be leaked through the service-des...
CVE-2023-5600
Removed by vendor...
GitLab 16.0 < 16.3.6 / 16.4 < 16.4.2 / 16.5 < 16.5.1 (CVE-2023-5600)
The version of GitLab installed on the remote host is between 16.0 prior to 16.3.6, 16.4 prior to 16.4.2 or 16.5 prior to 16.5.1. It is, therefore, affected by an improper access control vulnerability as referenced in the vendor advisory. - Arbitrary access to the titles of an private specific...