CVE-2023-2001

MEDIUM Year: 2023
CVSS v3 Score
4.3
Medium
Weakness Type
CWE-290
View all →

Vulnerability Description

An issue has been discovered in GitLab CE/EE affecting all versions before 15.10.8, all versions starting from 15.11 before 15.11.7, all versions starting from 16.0 before 16.0.2. An attacker was able to spoof protected tags, which could potentially lead a victim to download malicious code.

Related Vulnerabilities

CVE-2018-8383

MEDIUM
CVSS:4.3(Medium)

A spoofing vulnerability exists when Microsoft Edge does not properly parse HTTP content, aka "Microsoft Edge Spoofing Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-...

CWE-2902018

CVE-2018-8388

MEDIUM
CVSS:4.3(Medium)

A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content, aka "Microsoft Edge Spoofing Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2...

CWE-2902018

CVE-2018-8425

MEDIUM
CVSS:4.3(Medium)

A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content, aka "Microsoft Edge Spoofing Vulnerability." This affects Microsoft Edge.

CWE-2902018

CVE-2019-0608

MEDIUM
CVSS:4.3(Medium)

A spoofing vulnerability exists when Microsoft Browsers does not properly parse HTTP content, aka 'Microsoft Browser Spoofing Vulnerability'. This CVE ID is unique from CVE-2019-1357.

CWE-2902019

CVE-2019-1357

MEDIUM
CVSS:4.3(Medium)

A spoofing vulnerability exists when Microsoft Browsers improperly handle browser cookies, aka 'Microsoft Browser Spoofing Vulnerability'. This CVE ID is unique from CVE-2019-0608.

CWE-2902019

CVE-2019-13701

MEDIUM
CVSS:4.3(Medium)

Incorrect implementation in navigation in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

CWE-2902019