CVE-2023-3205 — Vulnetix

CVE-2023-3205 PUBLISHED

An issue has been discovered in GitLab affecting all versions starting from 15.11 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1. An authenticated user could trigger a denial of service when importing or cloning malicious content.

EPSS 1.16% · 79.0th percentile

Risk Scores

EPSS Score

1.16%

79.0th percentile

Affected Products

Vendor	Product	Versions
Bitnami	gitlab	15.11.0, 16.2.0, 16.3.0
Bitnami	gitlab	15.11.0, 16.2.0, 16.3.0

Exploit Intelligence

GitLab Issue #415067 (circl)
https://hackerone.com/reports/2011464 (osv)

Timeline

Aug 31, 2023 CVE Published
Sep 2, 2023 EPSS Score
Sep 3, 2023 CVE Updated
Mar 17, 2025 EPSS Score
Mar 24, 2025 EPSS Score
Mar 26, 2025 EPSS Score
Mar 27, 2025 EPSS Score
Mar 30, 2025 EPSS Score
Mar 31, 2025 EPSS Score
Apr 1, 2025 EPSS Score
Apr 12, 2025 EPSS Score
Apr 15, 2025 EPSS Score

References

https://gitlab.com/gitlab-org/gitlab/-/issues/415067 url
https://hackerone.com/reports/2011464 url
https://nvd.nist.gov/vuln/detail/CVE-2023-3205 url

Open in Interactive Console →