vulnerability
FreeBSD: VID-6E0EBB4A-5E75-11EE-A365-001B217B3468 (CVE-2023-3906): Gitlab -- vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:M/Au:S/C:P/I:N/A:N) | Sep 28, 2023 | Sep 29, 2023 | Jan 28, 2025 |
Severity
4
CVSS
(AV:N/AC:M/Au:S/C:P/I:N/A:N)
Published
Sep 28, 2023
Added
Sep 29, 2023
Modified
Jan 28, 2025
Description
An input validation issue in the asset proxy in GitLab EE, affecting all versions from 12.3 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1, allowed an authenticated attacker to craft image urls which bypass the asset proxy.
Solution
freebsd-upgrade-package-gitlab-ce
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.