What is CVE-2023-5117?

CVE-2023-5117 is a low-severity vulnerability in Gitlab, classified under CWE-213. CVSS score: 3.7/10. Published 2024-12-25.

How severe is CVE-2023-5117?

Low severity. CVSS v3 base score is 3.7 out of 10.

Vulnerability in Gitlab

CVE-2023-5117

An issue was discovered in GitLab CE/EE affecting all versions before 17.6.0 in which users were unaware that files uploaded to comments on confidential issues and epics of public projects could be accessed without authentication via a dir…

EPSS: 0.002 (39.6th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 3.7 (Low). Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N.

Affected products

Gitlab — versions 0

Weakness classification (CWE)

CWE-213

References

GitLab Issue #398250 (issue-tracking, permissions-required)

Frequently asked questions

What is CVE-2023-5117?: CVE-2023-5117 is a low-severity vulnerability in Gitlab, classified under CWE-213. CVSS score: 3.7/10. Published 2024-12-25.
How severe is CVE-2023-5117?: Low severity. CVSS v3 base score is 3.7 out of 10.