CVE-2023-0450 — Vulnetix

CVE-2023-0450 PUBLISHED

An issue has been discovered in GitLab affecting all versions starting from 8.1 to 15.8.5, and from 15.9 to 15.9.4, and from 15.10 to 15.10.1. It was possible to add a branch with an ambiguous name that could be used to social engineer users.

EPSS 1.50% · 81.5th percentile

Risk Scores

EPSS Score

1.50%

81.5th percentile

Affected Products

Vendor	Product	Versions
Bitnami	gitlab	15.9.0, 15.10.0, 8.1.0
Bitnami	gitlab	8.1.0, 15.9.0, 15.10.0

Exploit Intelligence

https://gitlab.com/gitlab-org/gitlab/-/issues/388962 (circl)
https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0450.json (circl)
https://hackerone.com/reports/1831547 (bitnami)

Timeline

Mar 30, 2023 CVE Published
Apr 6, 2023 EPSS Score
Jun 28, 2023 CVE Updated
Mar 17, 2025 EPSS Score
Mar 20, 2025 EPSS Score
Mar 22, 2025 EPSS Score
Mar 24, 2025 EPSS Score
Mar 26, 2025 EPSS Score
Mar 27, 2025 EPSS Score
Apr 3, 2025 EPSS Score
May 1, 2025 EPSS Score
May 4, 2025 EPSS Score

References

https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0450.json url
https://gitlab.com/gitlab-org/gitlab/-/issues/388962 url
https://hackerone.com/reports/1831547 url
https://nvd.nist.gov/vuln/detail/CVE-2023-0450 url

Open in Interactive Console →