10 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-5612
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab affecting all versions before 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1. It was possible to read the user...
Exploit for Missing Authorization in Gitlab
CVE-2023-5612 – GitLab SSRF via Webhook URL PoC & Analysis...
Metasploit Wrap-Up 03/08/2024
New module content 2 GitLab Tags RSS feed email disclosure Authors: erruquill and n00bhaxor Type: Auxiliary Pull request: 18821 contributed by n00bhaxor Path: gather/gitlabtagsrssfeedemaildisclosure AttackerKB reference: CVE-2023-5612 Description: This adds an auxiliary module that leverages an...
GitLab Tags RSS feed email disclosure
An issue has been discovered in GitLab affecting all versions before 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1. It is possible to read the user email address via tags feed although the visibility in the user profile has been disabled. Module Options msf use...
FreeBSD : Gitlab -- vulnerabilities (61fe903b-bc2e-11ee-b06e-001b217b3468)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 61fe903b-bc2e-11ee-b06e-001b217b3468 advisory. - An issue has been discovered in GitLab affecting all versions before 16.6.6, 16.7 prior to...
CVE-2023-5612
creationtimestamp| type| source ---|---|--- 2024-01-26 03:26:10+00:00| seen| https://t.me/ctinow/173971 2024-03-06 17:00:31+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/gitlabtagsrssfeedemaildisclosure.rb 2024-03-08 08:17:01+00:00| seen|...
CVE-2023-5612 Missing Authorization in GitLab
An issue has been discovered in GitLab affecting all versions before 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1. It was possible to read the user email address via tags feed although the visibility in the user profile has been disabled...
CVE-2023-5612
CVE-2023-5612 affects GitLab CE/EE versions prior to 16.6.6, 16.7 before 16.7.4, and 16.8 before 16.8.1. Affected systems could read user email addresses via the tags feed even when profile visibility was disabled, representing an information disclosure vulnerability. The root cause is exposure o...
CVE-2023-5612 Missing Authorization in GitLab
An issue has been discovered in GitLab affecting all versions before 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1. It was possible to read the user email address via tags feed although the visibility in the user profile has been disabled...
CVE-2023-5612
Removed by vendor...