CVE-2023-3413

Summary

CVE-2023-3413 is a vulnerability affecting GitLab versions 16.2 before 16.2.8, 16.3 before 16.3.5, and 16.4 before 16.4.1. The issue enables unauthorized users with forked repositories to access the source code of projects, even if the project's visibility was later restricted to only project members. This flaw poses a significant risk as sensitive code could be exposed, potentially leading to data breaches or intellectual property theft. Users are encouraged to upgrade their GitLab instances to the patched versions immediately to mitigate this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.