Security Advisory

CVE-2023-5117

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-12-25 14:46:47

Last updated 2024-12-26 18:10:54

Assigner GitLab

State PUBLISHED

Description

An issue was discovered in GitLab CE/EE affecting all versions before 17.6.0 in which users were unaware that files uploaded to comments on confidential issues and epics of public projects could be accessed without authentication via a direct link to the uploaded file URL.

← Browse all CVEs View on cve.org ↗