VDB
GSD-2023-2233
GSD-2023-2233
PUBLISHED
CVSS 3.0999999046325684 LOW
An improper authorization issue has been discovered in GitLab CE/EE affecting all versions starting from 11.8 before 16.2.8, all versions starting from 16.3 before 16.3.5 and all versions starting from 16.4 before 16.4.1. It allows a project reporter to leak the owner's Sentry instance projects.
Risk Scores
CVSS 3.1
3.0999999046325684
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| GitLab | GitLab | 11.8, 16.3, 16.4 |
Timeline
- Apr 21, 2026 CVE Published
References
- GitLab Issue #408359 issue
- HackerOne Bug Bounty Report #1947211 exploit