VDB
CVE-2023-5995
CVE-2023-5995
PUBLISHED
An issue has been discovered in GitLab EE affecting all versions starting from 16.2 before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. It was possible for an attacker to abuse the policy bot to gain access to internal projects.
EPSS 0.04% · 12.2th percentile
Risk Scores
EPSS Score
0.04%
12.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bitnami | gitlab | 16.2.0, 16.5.0, 16.6.0 |
| Bitnami | gitlab | 16.2.0, 16.5.0, 16.6.0 |
Exploit Intelligence
- CIRCL published-proof-of-concept: CVE-2023-5995 (circl-sighting)
- CIRCL seen: CVE-2023-5995 (circl-sighting)
- GitLab Issue #425361 (circl)
- https://hackerone.com/reports/2138880 (osv)
Timeline
- Jan 21, 1970 Security Advisory
- Nov 30, 2023 CVE Published
- Dec 1, 2023 EPSS Score
- Dec 21, 2023 PoC Published
- Dec 31, 2023 EPSS Score
- Jan 29, 2024 EPSS Score
- Feb 28, 2024 EPSS Score
- Mar 29, 2024 EPSS Score
- Apr 27, 2024 EPSS Score
- May 27, 2024 EPSS Score
- Jun 26, 2024 EPSS Score
- Jul 25, 2024 EPSS Score