Detections
Analytics

GitLab 16.1 < 16.1.6 / 16.2 < 16.2.9 / 16.3 < 16.3.7 / 16.4 < 16.4.5 / 16.5 < 16.5.6 / 16.6 < 16.6.4 / 16.7 < 16.7.2 (CVE-2023-7028)

critical Nessus Plugin ID 187958

Language:

Version 1.7

Sep 4, 2024, 9:21 AM

  • CVSS metrics ("CVSSv2 score" set to 10.0)
  • CVSS metrics ("CVSSv2 vector" set to "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C")
  • CVSS metrics ("CVSSv3 score" set to 9.8)
  • CVSS metrics ("CVSSv3 vector" set to "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H")

Plugin Feed: 202409040921

Version 1.6

May 17, 2024, 7:40 PM

  • Detection (updated detection logic)
  • Plugin metadata

Plugin Feed: 202405171940

Version 1.5

May 2, 2024, 1:56 AM

  • CISA reference
  • CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:F/RL:OF/RC:C")
  • CVSS temporal metrics ("CVSSv3 temporal vector" set to "CVSS:3.0/E:F/RL:O/RC:C")

Plugin Feed: 202405020156

Version 1.4

Feb 2, 2024, 12:15 PM

  • IAVM reference

Plugin Feed: 202402021215

Version 1.3

Jan 22, 2024, 3:14 PM

  • CVSS metrics ("CVSSv2 score" set to 7.8. "CVSSv2 vector" set to "CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N". "CVSSv3 vector" set to "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N". "CVSSv3 score" set to 7.5)
  • CVSSv2 severity (based on CVE-2023-7028, severity increased from "Medium" to "High")

Plugin Feed: 202401221514

Version 1.2

Jan 19, 2024, 2:06 PM

  • IAVM reference
  • STIG Severity (set to "I")

Plugin Feed: 202401191406

Version 1.1

Jan 15, 2024, 2:36 PM

  • CVSS metrics ("CVSSv2 score" set to 6.4. "CVSSv2 vector" set to "CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N". "CVSSv3 vector" set to "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N". "CVSSv3 score" set to 10.0)
  • CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:POC/RL:OF/RC:C". "CVSSv3 temporal vector" set to "CVSS:3.0/E:P/RL:O/RC:C")
  • CVSSv2 severity (based on CVE-2023-7028, severity decreased from "High" to "Medium")
  • Exploit attributes ("Exploit available" set to "True". "Exploitability ease" changed from "No known exploits are available" to "Exploits are available")

Plugin Feed: 202401151436

Version 1.0

Jan 12, 2024, 5:09 AM

  • New

Plugin Feed: 202401120509

* Changelogs are generally available for changes made after Nov 1, 2022