CVE-2023-4522

MEDIUM

GitLab <16.2.0 - Info Disclosure

Title source: llm

Description

An issue has been discovered in GitLab affecting all versions before 16.2.0. Committing directories containing LF character results in 500 errors when viewing the commit.

References (3)

[Exploit] https://gitlab.com/gitlab-org/gitlab/-/issues/406817

[Permissions Required] https://hackerone.com/reports/1937213

[Mailing List, Third Party Advisory] https://lists.fedoraproject.org/archives/list/[email protected]/message/SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ/

Scores

CVSS v3 4.3

EPSS 0.0010

EPSS Percentile 26.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Classification

CWE

CWE-1287

Status published

Affected Products (1)

gitlab/gitlab < 16.2.0

Timeline

Published Aug 30, 2023

Tracked Since Feb 18, 2026