GitLab 11.6 < 16.3.6 / 16.4 < 16.4.2 / 16.5 < 16.5.1 (CVE-2023-3399)

Language:

Version 1.4 May 17, 2024, 5:22 PM Detection (updated detection logic) Plugin metadata Plugin Feed: 202405171722
Version 1.3 Dec 8, 2023, 11:43 AM IAVM reference Plugin Feed: 202312081143
Version 1.2 Nov 15, 2023, 2:17 PM CVSS metrics ("CVSSv2 score" set to 6.8. "CVSSv2 vector" set to "CVSS2#AV:N/AC:L/Au:S/C:C/I:N/A:N". "CVSSv3 score" set to 7.7. "CVSSv3 vector" set to "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N") CVSSv3 severity (based on None, severity increased from "Medium" to "High") Plugin Feed: 202311151417
Version 1.1 Nov 13, 2023, 1:29 PM CVSS metrics ("CVSSv2 score" set to 4.0. "CVSSv3 vector" set to "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N". "CVSSv3 score" set to 6.5. "CVSSv2 vector" set to "CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N") CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:U/RL:OF/RC:C". "CVSSv3 temporal vector" set to "CVSS:3.0/E:U/RL:O/RC:C") CVSSv2 severity (based on CVE-2023-3399, severity decreased from "High" to "Medium") CVSSv3 severity (based on None, severity decreased from "High" to "Medium") Exploit attributes ("Exploit available" set to "False". "Exploitability ease" set to "No known exploits are available") Plugin Feed: 202311131329
Version 1.0 Nov 13, 2023, 7:50 AM New Plugin Feed: 202311130750

* Changelogs are generally available for changes made after Nov 1, 2022