An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 15.10.8, all versions starting from 15.11 before 15.11.7, all versions starting from 16.0 before 16.0.2. Open redirection was possible via HTTP response splitting in the NPM package API.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: GitLab
Published: 2023-06-07T00:00:00
Updated: 2024-08-02T05:17:48.970Z
Reserved: 2023-01-25T00:00:00
Link: CVE-2023-0508
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-06-07T17:15:09.823
Modified: 2023-06-14T01:10:27.567
Link: CVE-2023-0508
Redhat
No data.