CVE-2023-1708 — Vulnetix

CVE-2023-1708 PUBLISHED

An issue was identified in GitLab CE/EE affecting all versions from 1.0 prior to 15.8.5, 15.9 prior to 15.9.4, and 15.10 prior to 15.10.1 where non-printable characters gets copied from clipboard, allowing unexpected commands to be executed on victim machine.

EPSS 9.02% · 92.8th percentile

Risk Scores

EPSS Score

9.02%

92.8th percentile

Affected Products

Vendor	Product	Versions
Bitnami	gitlab	1.0.0, 15.9.0, 15.10.0
Bitnami	gitlab	1.0.0, 15.9.0, 15.10.0

Exploit Intelligence

https://hackerone.com/reports/1805604 (bitnami)

Timeline

Mar 30, 2023 CVE Published
Apr 6, 2023 EPSS Score
Jun 28, 2023 CVE Updated
Mar 17, 2025 EPSS Score
Mar 19, 2025 EPSS Score
Mar 29, 2025 EPSS Score
Mar 30, 2025 EPSS Score
Apr 10, 2025 EPSS Score
Apr 13, 2025 EPSS Score
Apr 16, 2025 EPSS Score
Apr 18, 2025 EPSS Score
Apr 19, 2025 EPSS Score

References

https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-1708.json url
https://gitlab.com/gitlab-org/gitlab/-/issues/387185 url
https://hackerone.com/reports/1805604 url
https://nvd.nist.gov/vuln/detail/CVE-2023-1708 url

Open in Interactive Console →