VDB

CVE-2023-3115

CVE-2023-3115 PUBLISHED

An issue has been discovered in GitLab EE affecting all versions affecting all versions from 11.11 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1. Single Sign On restrictions were not correctly enforced for indirect project members accessing public members-only project repositories.

EPSS 0.04% · 11.6th percentile

Risk Scores

EPSS Score
0.04%
11.6th percentile

Affected Products

VendorProductVersions
Bitnamigitlab11.11.0, 16.3.0, 16.4.0
Bitnamigitlab11.11.0, 16.3.0, 16.4.0

Timeline

  • Sep 28, 2023 CVE Published
  • Sep 29, 2023 EPSS Score
  • Oct 31, 2023 EPSS Score
  • Dec 2, 2023 EPSS Score
  • Jan 3, 2024 EPSS Score
  • Feb 3, 2024 EPSS Score
  • Mar 6, 2024 EPSS Score
  • Apr 7, 2024 EPSS Score
  • May 9, 2024 EPSS Score
  • Jun 10, 2024 EPSS Score
  • Jul 12, 2024 EPSS Score
  • Aug 13, 2024 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›