August 2, 2023
Severity
Medium
Analysis Summary
CVE-2023-4011 CVSS:4.3
GitLab Community Edition and Enterprise Edition are vulnerable to a denial of service, caused by the lack of pagination while loading license data. By loading the Dependency List page, a remote authenticated attacker could exploit this vulnerability to spike resource consumption.
CVE-2023-2022 CVSS:4.3
GitLab Community Edition and Enterprise Edition could allow a remote authenticated attacker to bypass security restrictions, caused by improper access control. By sending a specially crafted request, an attacker could exploit this vulnerability to create pipeline schedules on protected branches.
CVE-2023-3900 CVSS:4.3
GitLab Community Edition and Enterprise Edition are vulnerable to a denial of service. By using an invalid ‘start_sha’ value on the merge requests page, a remote authenticated attacker could exploit this vulnerability to cause a denial of service.
CVE-2023-3401 CVSS:4.8
GitLab Community Edition and Enterprise Edition could allow a remote authenticated attacker to bypass security restrictions. By using a specially crafted name for the main branch of a repository, an attacker could exploit this vulnerability to create repositories with malicious code.
CVE-2023-3500 CVSS:4.8
GitLab Community Edition and Enterprise Edition are vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using the PlantUML diagram to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
CVE-2023-3993 CVSS:4.9
GitLab Community Edition and Enterprise Edition could allow a remote authenticated attacker to obtain sensitive information, caused by a flaw in access token. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information.
CVE-2023-4008 CVSS:5
GitLab Community Edition and Enterprise Edition could allow a remote authenticated attacker to obtain sensitive information. By sending a specially crafted request, an attacker could exploit this vulnerability to take over GitLab Pages with unique domain URLs if the random string added was known.
CVE-2023-4002 CVSS:5.3
GitLab Community Edition and Enterprise Edition could allow a remote authenticated attacker to obtain sensitive information, caused by a failure to authorize the security policy project ID in the securityPolicyProjectAssign mutation. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information.
CVE-2023-2164 CVSS:5.4
GitLab Community Edition and Enterprise Edition are vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability using a specially crafted URL in Web IDE Beta to execute script in a victim’s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
CVE-2023-0632 CVSS:6.5
GitLab Community Edition and Enterprise Edition are vulnerable to a denial of service, caused by a ReDoS flaw. By using crafted payloads to search Harbor Registry, a remote authenticated attacker could exploit this vulnerability to cause a denial of service.
CVE-2023-3385 CVSS:6.3
GitLab Community Edition and Enterprise Edition could allow a remote authenticated attacker to obtain sensitive information, caused by a flaw in GitLab export functionality. By uploading a specially crafted file, an attacker could exploit this vulnerability to obtain sensitive information.
CVE-2023-3364 CVSS:7.5
GitLab Community Edition and Enterprise Edition are vulnerable to a denial of service, caused by a ReDoS flaw. By sending crafted payloads which use AutolinkFilter to the preview_markdown endpoint, a remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2023-3994 CVSS:7.5
GitLab Community Edition and Enterprise Edition are vulnerable to a denial of service, caused by a ReDoS flaw. By sending crafted payloads which use ProjectReferenceFilter to the preview_markdown endpoint, a remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2023-1210 CVSS:3.1
GitLab Community Edition and Enterprise Edition could allow a remote authenticated attacker to obtain sensitive information, caused by a flaw in the error message for groups. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain a user’s email.
Impact
- Denial of Service
- Security Bypass
- Cross-site Scripting
- Information Disclosure
Indicators Of Compromise
CVE
- CVE-2023-4011
- CVE-2023-2022
- CVE-2023-3900
- CVE-2023-3401
- CVE-2023-3500
- CVE-2023-3993
- CVE-2023-4008
- CVE-2023-4002
- CVE-2023-2164
- CVE-2023-0632
- CVE-2023-3385
- CVE-2023-3364
- CVE-2023-3994
- CVE-2023-1210
Affected Vendors
GitLab
Affected Products
- GitLab Enterprise Edition 16.1.2
- GitLab Enterprise Edition 16.2.1
- GitLab Community Edition 16.2.1
- GitLab Community Edition 16.1.2
Remediation
Upgrade to the latest version of GitLab Community Edition and Enterprise Edition, available from the GitLab Website.