Vulnerability: Metadata Modification in Signed Commits in GitLab CE/EE

Vulnerability: Metadata Modification in Signed Commits in GitLab CE/EE

CVE-2023-2030 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

An issue has been discovered in GitLab CE/EE affecting all versions from 12.2 prior to 16.5.6, 16.6 prior to 16.6.4, and 16.7 prior to 16.7.2 in which an attacker could potentially modify the metadata of signed commits.

Learn more about our Web Application Penetration Testing UK.