{"uuid": "a229dc48-2a64-4882-99e7-133c0f83e328", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2825", "type": "published-proof-of-concept", "source": "https://t.me/ptswarm/174", "content": "GitLab Arbitrary File Read (CVE-2023-2825) Analysis \n\n\ud83d\udc64 by Sonny\n\nFor the unaware, GitLab is a widely used, enterprise-grade web application for managing source code repositories at scale. In this blog post author will be discussing a fresh vulnerability that has been issued an advisory by Gitlab with a CVSS score of 10.0 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N).\n\nAn issue has been discovered in GitLab CE/EE affecting only version 16.0.0. An unauthenticated malicious user can use a path traversal vulnerability to read arbitrary files on the server when an attachment exists in a public project nested within at least five groups.\n\n\ud83d\udcdd Contents:\n\u25cf Setting up the target environment \n\u25cf Reproducing the bug\n\u25cf But Why?\n\u25cf How impactful is this vulnerability?\n\u25cf Conclusion\n\nhttps://labs.watchtowr.com/gitlab-arbitrary-file-read-gitlab-cve-2023-2825-analysis/", "creation_timestamp": "2023-05-26T05:13:23.000000Z"}