CVE-2023-0223

N/A

An issue has been discovered in GitLab affecting all versions starting from 15.5 before 15.7.8, all versions starting from 15.8 before 15.8.4, all versions starting from 15.9 before 15.9.2. Non-project members could retrieve release descriptions via the API, even if the release visibility is restricted to project members only in the project settings.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

N/A

GitLab 安全漏洞

GitLab是美国GitLab公司的一个开源的端到端软件开发平台，具有内置的版本控制、问题跟踪、代码审查、CI/CD（持续集成和持续交付）等功能。 GitLab 存在安全漏洞，该漏洞源于非项目成员可以通过 API 检索发布说明，即使发布可见性仅限于项目设置中的项目成员。

N/A

N/A