VDB

CVE-2023-4008

CVE-2023-4008 PUBLISHED

An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.9 before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2. It was possible to takeover GitLab Pages with unique domain URLs if the random string added was known.

EPSS 0.05% · 16.1th percentile

Risk Scores

EPSS Score
0.05%
16.1th percentile

Affected Products

VendorProductVersions
Bitnamigitlab16.1.0, 16.2.0, 15.9.0
Bitnamigitlab16.2.0, 15.9.0, 16.1.0

Timeline

  • Aug 1, 2023 CVE Published
  • Aug 2, 2023 CVE Updated
  • Aug 3, 2023 EPSS Score
  • Sep 6, 2023 EPSS Score
  • Oct 10, 2023 EPSS Score
  • Nov 12, 2023 EPSS Score
  • Dec 16, 2023 EPSS Score
  • Jan 19, 2024 EPSS Score
  • Feb 22, 2024 EPSS Score
  • Mar 27, 2024 EPSS Score
  • Apr 29, 2024 EPSS Score
  • Jun 2, 2024 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›