CVE-2023-2030

Description

An issue has been discovered in GitLab CE/EE affecting all versions from 12.2 prior to 16.5.6, 16.6 prior to 16.6.4, and 16.7 prior to 16.7.2 in which an attacker could potentially modify the metadata of signed commits.

CVSS Version 3.1

nvd
CVE ID: CVE-2023-2030
Base Score: 5.3
Base Severity: MEDIUM
Vector String:CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Impact Score: 1.4
Exploitability Score: 3.9

gitlab
CVE ID: CVE-2023-2030
Base Score: 3.5
Base Severity: LOW
Vector String:CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
Impact Score: 1.4
Exploitability Score: 2.1

Refrence: NVD MITRE

Description​

Description