CVE-2023-0050
published 2023-03-09
Priority: P3 48 · medium · 5.4 (CVSS 3.1)
AV:N / AC:L / PR:L / UI:R / S:C / C:L / I:L / A:N
EPSS: 92.42% (99.8th percentile)
An issue has been discovered in GitLab affecting all versions starting from 13.7 before 15.7.8, all versions starting from 15.8 before 15.8.4, all versions starting from 15.9 before 15.9.2. A specially crafted Kroki diagram could lead to a stored XSS on the client side which allows attackers to perform arbitrary actions on behalf of victims.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | gitlab | < gitlab 15.10.8+ds1-2 (sid) | gitlab 15.10.8+ds1-2 (sid) |
| gitlab | gitlab | — | — |
| gitlab | gitlab | — | — |
| gitlab | gitlab | — | — |
| gitlab | gitlab | — | — |
| gitlab | gitlab | >= 13.7 < 15.7.8 | 15.7.8 |
| gitlab | gitlab | >= 15.8 < 15.8.4 | 15.8.4 |
| gitlab | gitlab | >= 15.9 < 15.9.2 | 15.9.2 |
Detection & IOCs (extracted from sources)
- Stored XSS delivered via a specially crafted Kroki diagram in GitLab; monitor for unexpected or malformed Kroki diagram markup in GitLab issues, wikis, or merge requests that may contain embedded script payloads.
- Audit GitLab instances running versions 13.7 through 15.7.7, 15.8.0–15.8.3, or 15.9.0–15.9.1 for stored Kroki diagram content that may contain injected JavaScript.
- The vulnerability is scoped as 'local' impact per Debian's security tracker, suggesting exploitation requires an authenticated user or local access context within the GitLab instance.
- Debian resolved this in package version 15.10.8+ds1-2; environments running older packaged versions remain exposed.
CVSS provenance
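| Source | Score | Severity | Vector |
|---|---|---|---|
| nvd (v3.1) | 5.4 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
| osv | 5.4 | MEDIUM | |
| vendor_debian | 8.7 | HIGH | |
| vendor_redhat | 5.5 | MEDIUM | |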
GHSA
GHSA-58vv-56m5-q92p · ghsa_unreviewed · 2023-03-10
CVE-2023-0050 [MEDIUM] CWE-79
OSV
osv · 2023-03-09 · CVSS 5.4
CVE-2023-0050 [MEDIUM]
Red Hat
vendor_redhat · 2025-05-02 · CVSS 5.5
CVE-2023-53048 [MEDIUM] kernel: usb: typec: tcpm: fix warning when handle discover_identity message
In the Linux kernel, the following vulnerability has been resolved:
usb: typec: tcpm: fix warning when handle discover_identity message
Since both source and sink device can send discover_identity message in
PD3, kernel may dump below warning:
------------[ cut here ]------------
WARNING: CPU: 0 PID: 169 at drivers/usb/typec/tcpm/tcpm.c:1446 tcpm_queue_vdm+0xe0/0xf0
Modules linked in:
CPU: 0 PID: 169 Comm: 1-0050 Not tainted 6.1.1-00038-g6a3c36cf1da2-dirty #567
Hardware name: NXP i.MX8MPlus EVK board (DT)
pstate: 20000005 (nzCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : tcpm_queue_vdm+0xe0/0xf0
lr : tcpm_queue_vdm+0x2c/0xf0
sp : ffff80000c19bcd0
x29: ffff80000c19bcd0 x28: 0000000000000001 x27: ffff0000d11c8ab8
GitLab
vendor_gitlab · 2023-03-09 · CVSS 8.7
CVE-2023-0050 [HIGH] CWE-79
Debian
vendor_debian · 2023 · CVSS 8.7
CVE-2023-0050 [HIGH] gitlab
Scope: local
sid: resolved (fixed in 15.10.8+ds1-2)
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
- https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0050.json
- https://gitlab.com/gitlab-org/gitlab/-/issues/387023
- https://hackerone.com/reports/1731349
Published: 2023-03-09