VDB
CVE-2023-2030
CVE-2023-2030
PUBLISHED
An issue has been discovered in GitLab CE/EE affecting all versions from 12.2 prior to 16.5.6, 16.6 prior to 16.6.4, and 16.7 prior to 16.7.2 in which an attacker could potentially modify the metadata of signed commits.
EPSS 0.04% · 14.2th percentile
Risk Scores
EPSS Score
0.04%
14.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bitnami | gitlab | 16.6.0, 12.2.0, 16.7.0 |
| Bitnami | gitlab | 12.2.0, 16.6.0, 16.7.0 |
Exploit Intelligence
- CIRCL seen: CVE-2023-2030 (circl-sighting)
- CIRCL seen: CVE-2023-2030 (circl-sighting)
- CIRCL seen: CVE-2023-2030 (circl-sighting)
- CIRCL seen: CVE-2023-2030 (circl-sighting)
- GitLab Issue #407252 (circl)
- https://hackerone.com/reports/1929929 (bitnami)
Timeline
- Jan 11, 2024 CVE Published
- Jan 12, 2024 PoC Published
- Jan 15, 2024 PoC Published
- Jan 15, 2024 PoC Published
- Jan 17, 2024 EPSS Score
- Feb 2, 2024 PoC Published
- Feb 14, 2024 EPSS Score
- Mar 13, 2024 EPSS Score
- Apr 10, 2024 EPSS Score
- May 8, 2024 EPSS Score
- Jun 5, 2024 EPSS Score
- Jul 3, 2024 EPSS Score