An issue has been discovered in GitLab affecting all versions starting from 15.5 before 15.7.8, all versions starting from 15.8 before 15.8.4, all versions starting from 15.9 before 15.9.2. Non-project members could retrieve release descriptions via the API, even if the release visibility is restricted to project members only in the project settings.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: GitLab
Published: 2023-03-09T00:00:00
Updated: 2024-08-02T05:02:43.859Z
Reserved: 2023-01-11T00:00:00
Link: CVE-2023-0223
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-03-09T21:15:10.860
Modified: 2023-03-15T14:26:55.497
Link: CVE-2023-0223
Redhat
No data.