Patch in third party library Consul requires 'enable-script-checks' to be set to False. This was required to enable a patch by the vendor. Without this setting the patch could be bypassed. This only affects GitLab-EE.
History

Thu, 03 Oct 2024 07:45:00 +0000

Type Values Removed Values Added
Weaknesses CWE-16

Thu, 03 Oct 2024 06:30:00 +0000

Type Values Removed Values Added
Title Configuration in GitLab Dependency on Vulnerable Third-Party Component in GitLab
Weaknesses CWE-1395

Thu, 29 Aug 2024 15:15:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*

cve-icon MITRE

Status: PUBLISHED

Assigner: GitLab

Published: 2023-12-04T06:30:33.856Z

Updated: 2024-10-03T06:23:16.051Z

Reserved: 2023-10-02T12:01:25.316Z

Link: CVE-2023-5332

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2023-12-04T07:15:07.120

Modified: 2024-11-21T08:41:33.020

Link: CVE-2023-5332

cve-icon Redhat

Severity : Important

Publid Date: 2023-12-04T00:00:00Z

Links: CVE-2023-5332 - Bugzilla