First published: Wed Apr 05 2023(Updated: )
A sensitive information disclosure vulnerability in GitLab affecting all versions from 15.0 prior to 15.8.5, 15.9 prior to 15.9.4 and 15.10 prior to 15.10.1 allows an attacker to view the count of internal notes for a given issue.
Credit: cve@gitlab.com
Affected Software | Affected Version | How to fix |
---|---|---|
GitLab GitLab | >=15.0.0<15.8.5 | |
GitLab GitLab | >=15.0.0<15.8.5 | |
GitLab GitLab | >=15.9.0<15.9.4 | |
GitLab GitLab | >=15.9.0<15.9.4 | |
GitLab GitLab | =15.10.0 | |
GitLab GitLab | =15.10.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-1710 is a sensitive information disclosure vulnerability in GitLab that allows an attacker to view the count of internal notes for a given issue.
All versions from 15.0 prior to 15.8.5, 15.9 prior to 15.9.4, and 15.10 prior to 15.10.1 are affected.
The severity of CVE-2023-1710 is medium (5.3).
To fix CVE-2023-1710, update GitLab to version 15.8.5, 15.9.4, or 15.10.1 or later.
You can find more information about CVE-2023-1710 on the GitLab official CVE page and the GitLab issue tracker.