{"vulnerability": "CVE-2023-5009", "sightings": [{"uuid": "c74493f5-9f69-4c72-99d2-0e9e000fe503", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50094", "type": "seen", "source": "MISP/4cb3c87c-dbe1-429c-9770-1f63945f435c", "content": "", "creation_timestamp": "2024-11-26T10:06:57.000000Z"}, {"uuid": "4feea2ff-7838-4514-8eba-210123244b31", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-5009", "type": "seen", "source": "https://t.me/ctinow/138119", "content": "https://ift.tt/nCIgQho\nGitLab addressed critical vulnerability CVE-2023-5009", "creation_timestamp": "2023-09-20T11:28:44.000000Z"}, {"uuid": "69ad0f82-0d25-4bef-9888-a6499ee5f901", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-5009", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/17255", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-5009\n\ud83d\udd25 CVSS Score: 9.6 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N)\n\ud83d\udd39 Description: An issue has been discovered in GitLab EE affecting all versions starting from 13.12 before 16.2.7, all versions starting from 16.3 before 16.3.4. It was possible for an attacker to run pipeline jobs as an arbitrary user via scheduled security scan policies. This was a bypass of [CVE-2023-3932](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3932) showing additional impact.\n\ud83d\udccf Published: 2023-09-19T07:01:14.930Z\n\ud83d\udccf Modified: 2025-05-22T04:09:01.346Z\n\ud83d\udd17 References:\n1. https://gitlab.com/gitlab-org/gitlab/-/issues/425304\n2. 
https://hackerone.com/reports/2147126", "creation_timestamp": "2025-05-22T04:44:33.000000Z"}, {"uuid": "4184143f-9712-4198-8748-7b612e567a0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50090", "type": "seen", "source": "https://t.me/cibsecurity/74340", "content": "\u203c\ufe0fCVE-2023-50090\u203c\ufe0f\n\nArbitrary File Write vulnerability in the saveReportFile method of ureport2 2.2.9 and before allows attackers to write arbitrary files and run arbitrary commands via crafted POST request.\n\n\ud83d\udcd6 Read more\n\nVia \"National Vulnerability Database\"", "creation_timestamp": "2024-01-04T01:37:33.000000Z"}, {"uuid": "b52156e4-e23f-46f7-a4cf-1aae2a2a4d86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50092", "type": "seen", "source": "https://t.me/arpsyndicate/2528", "content": "#ExploitObserverAlert\n\nCVE-2023-50092\n\nDESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-50092. APIIDA API Gateway Manager for Broadcom Layer7 v2023.2 is vulnerable to Cross Site Scripting (XSS).", "creation_timestamp": "2024-01-05T21:32:36.000000Z"}, {"uuid": "b6a01617-0c42-4bf4-939c-936fcb9a6a0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-5009", "type": "seen", "source": "https://t.me/ctinow/138702", "content": "https://ift.tt/mB3Cjlk\nGitLab fixes critical vulnerability, patch now! 
(CVE-2023-5009)", "creation_timestamp": "2023-09-22T12:37:13.000000Z"}, {"uuid": "5af85801-3c9a-4f54-867f-d585dc25ae71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50092", "type": "seen", "source": "https://t.me/cibsecurity/74318", "content": "\u203c\ufe0fCVE-2023-50092\u203c\ufe0f\n\nAPIIDA API Gateway Manager for Broadcom Layer7 v2023.2 is vulnerable to Cross Site Scripting XSS.\n\n\ud83d\udcd6 Read more\n\nVia \"National Vulnerability Database\"", "creation_timestamp": "2024-01-04T01:35:44.000000Z"}, {"uuid": "a94c3fdc-e0f4-4f64-927e-296068280789", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50093", "type": "seen", "source": "https://t.me/cibsecurity/74320", "content": "\u203c\ufe0fCVE-2023-50093\u203c\ufe0f\n\nAPIIDA API Gateway Manager for Broadcom Layer7 v2023.2.2 is vulnerable to Host Header Injection.\n\n\ud83d\udcd6 Read more\n\nVia \"National Vulnerability Database\"", "creation_timestamp": "2024-01-04T01:35:54.000000Z"}, {"uuid": "1afb5971-20ab-43d6-a7fa-78a88ff37a2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50090", "type": "seen", "source": "https://t.me/arpsyndicate/2497", "content": "#ExploitObserverAlert\n\nCVE-2023-50090\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-50090. 
Arbitrary File Write vulnerability in the saveReportFile method of ureport2 2.2.9 and before allows attackers to write arbitrary files and run arbitrary commands via crafted POST request.", "creation_timestamp": "2024-01-05T16:58:40.000000Z"}, {"uuid": "d0456328-0b91-43eb-b922-6515f52a19ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50093", "type": "seen", "source": "https://t.me/arpsyndicate/2488", "content": "#ExploitObserverAlert\n\nCVE-2023-50093\n\nDESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-50093. APIIDA API Gateway Manager for Broadcom Layer7 v2023.2.2 is vulnerable to Host Header Injection.", "creation_timestamp": "2024-01-05T15:11:10.000000Z"}, {"uuid": "6cc42189-7b0a-4e62-8596-ccebae8816d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-5009", "type": "seen", "source": "Telegram/8fzC70k0AqPANaoMqyiurnud2UPl_BqAdrIlayNGsF1OKw", "content": "", "creation_timestamp": "2023-09-20T12:57:35.000000Z"}, {"uuid": "dfaedbf5-ed5f-47ac-a460-1a1c91a5aaa9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-5009", "type": "seen", "source": "https://t.me/KomunitiSiber/816", "content": "GitLab Releases Urgent Security Patches for Critical Vulnerability\nhttps://thehackernews.com/2023/09/gitlab-releases-urgent-security-patches.html\n\nGitLab has shipped security patches to resolve a critical flaw that allows an attacker to run pipelines as another user.\nThe issue, tracked as\u00a0CVE-2023-5009\u00a0(CVSS score: 9.6), impacts all versions of GitLab Enterprise Edition (EE) starting from 13.12 and prior to 16.2.7 as well as from 16.3 and before 16.3.4.\n\"It was possible for an attacker to\u00a0run pipelines\u00a0as an arbitrary user via scheduled", 
"creation_timestamp": "2023-09-20T10:49:32.000000Z"}, {"uuid": "bc6d5ddc-c19a-430f-8fea-062d3c41c2a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50092", "type": "seen", "source": "https://t.me/ctinow/172221", "content": "https://ift.tt/khEPYIA\nCVE-2023-50092 | APIIDA API Gateway Manager for Broadcom Layer7 2023.2 cross site scripting", "creation_timestamp": "2024-01-23T19:01:45.000000Z"}, {"uuid": "4924cce0-68b4-4bd4-85e5-5f96a7c783ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50094", "type": "seen", "source": "https://t.me/ctinow/165425", "content": "https://ift.tt/wOMNPbG\nCVE-2023-50094 Exploit", "creation_timestamp": "2024-01-09T23:17:31.000000Z"}, {"uuid": "c85580c2-672f-4891-9e00-0ac2b306d33b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50096", "type": "seen", "source": "https://t.me/cibsecurity/74096", "content": "\u203c\ufe0fCVE-2023-50096\u203c\ufe0f\n\nSTMicroelectronics STSAFEA1xx middleware before 3.3.7 allows MCU code execution if an adversary has the ability to read from and write to the I2C bus. 
This is caused by an StSafeAReceiveBytes buffer overflow in the XCUBESAFEA1 Software Package for STSAFEA sample applications 1.2.0, and thus can affect userwritten code that was derived from a published sample application.\n\n\ud83d\udcd6 Read more\n\nVia \"National Vulnerability Database\"", "creation_timestamp": "2024-01-02T01:31:35.000000Z"}, {"uuid": "98f4ea85-8f8a-4cc4-86cd-79e958b74a5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50094", "type": "seen", "source": "https://t.me/cibsecurity/74095", "content": "\u203c\ufe0fCVE-2023-50094\u203c\ufe0f\n\nreNgine through 2.0.2 allows OS Command Injection if an adversary has a valid session ID. The attack places shell metacharacters in an apitoolswafdetector?url string. The commands are executed as root via subprocess.checkoutput.\n\n\ud83d\udcd6 Read more\n\nVia \"National Vulnerability Database\"", "creation_timestamp": "2024-01-02T01:31:30.000000Z"}, {"uuid": "797955fc-c667-491b-9e94-14c8be97285e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-5009", "type": "seen", "source": "Telegram/UwishMNZTytGOcUkcztejvttJn150wusv9THLvRt7_lz1Co", "content": "", "creation_timestamp": "2023-10-09T01:25:24.000000Z"}, {"uuid": "6b63e178-7321-4519-97c0-0c6c9ff611ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50094", "type": "seen", "source": "https://t.me/ctinow/171170", "content": "https://ift.tt/3FvaiQ0\nCVE-2023-50094 | reNgine up to 2.0.2 api/tools/waf_detector/ url os command injection", "creation_timestamp": "2024-01-22T14:11:35.000000Z"}, {"uuid": "7ce3e70c-4fd2-43ad-8d03-35ed8b8e0012", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", 
"vulnerability": "CVE-2023-50096", "type": "seen", "source": "https://t.me/ctinow/171169", "content": "https://ift.tt/2aZHFgq\nCVE-2023-50096 | STMicroelectronics STSAFE-A1xx Middleware up to 3.3.6 I2C Bus StSafeA_ReceiveBytes buffer overflow", "creation_timestamp": "2024-01-22T14:11:34.000000Z"}, {"uuid": "fbc19c5c-09e4-498c-bfe2-e32da23b671b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50093", "type": "seen", "source": "https://t.me/ctinow/172211", "content": "https://ift.tt/5fBscHA\nCVE-2023-50093 | APIIDA API Gateway Manager for Broadcom Layer7 2023.2.2 Header Host injection", "creation_timestamp": "2024-01-23T18:32:03.000000Z"}, {"uuid": "b93e06b0-01ec-418e-8696-f3d8631f2c2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50090", "type": "seen", "source": "https://t.me/ctinow/172373", "content": "https://ift.tt/winNgf7\nCVE-2023-50090 | ureport2 up to 2.2.9 HTTP POST Request saveReportFile Privilege Escalation (GHSA-445x-c8qq-qfr9)", "creation_timestamp": "2024-01-23T23:02:23.000000Z"}, {"uuid": "eb7ced95-955f-4fb6-a7a5-d2c400a740ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50093", "type": "seen", "source": "https://t.me/ctinow/162404", "content": "https://ift.tt/pZr6Xqs\nCVE-2023-50093", "creation_timestamp": "2024-01-03T15:26:31.000000Z"}, {"uuid": "40dc9d7c-bf48-4654-8139-97208793e129", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50096", "type": "seen", "source": "https://t.me/ctinow/165369", "content": "https://ift.tt/OdhES5C\nCVE-2023-50096 Exploit", "creation_timestamp": "2024-01-09T21:16:37.000000Z"}, {"uuid": 
"ba070668-d126-41bb-a67e-6a03388d1c81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50090", "type": "seen", "source": "https://t.me/ctinow/162599", "content": "https://ift.tt/TO5uYPn\nCVE-2023-50090", "creation_timestamp": "2024-01-03T21:27:03.000000Z"}, {"uuid": "dae38bff-ee69-41ff-bebd-f3180e21c1e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-5009", "type": "seen", "source": "https://t.me/thehackernews/3896", "content": "\ud83d\udea8 Critical Security Alert! GitLab issues patches for CVE-2023-5009, a flaw allowing attackers to run pipelines as other users. \n \nProtect your code\u2014update now: https://thehackernews.com/2023/09/gitlab-releases-urgent-security-patches.html", "creation_timestamp": "2023-09-20T09:19:47.000000Z"}, {"uuid": "482eabd7-5cbc-4b46-aa0d-c52dc2f0325e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50092", "type": "seen", "source": "https://t.me/ctinow/165418", "content": "https://ift.tt/7wgRcFV\nCVE-2023-50092 Exploit", "creation_timestamp": "2024-01-09T23:17:22.000000Z"}, {"uuid": "5be6bcd3-d12d-430f-af90-0dc96ec88812", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50096", "type": "seen", "source": "https://t.me/arpsyndicate/2318", "content": "#ExploitObserverAlert\n\nCVE-2023-50096\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-50096. STMicroelectronics STSAFE-A1xx middleware before 3.3.7 allows MCU code execution if an adversary has the ability to read from and write to the I2C bus. 
This is caused by an StSafeA_ReceiveBytes buffer overflow in the X-CUBE-SAFEA1 Software Package for STSAFE-A sample applications (1.2.0), and thus can affect user-written code that was derived from a published sample application.", "creation_timestamp": "2024-01-02T18:32:53.000000Z"}, {"uuid": "c102c01b-fa06-4ae1-b5d6-1bb0c00551ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50092", "type": "seen", "source": "https://t.me/ctinow/162374", "content": "https://ift.tt/uSg0p2s\nCVE-2023-50092", "creation_timestamp": "2024-01-03T14:26:30.000000Z"}, {"uuid": "68e84da4-58c4-41fc-9ec3-8405b0038ac3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50093", "type": "seen", "source": "https://t.me/ctinow/165419", "content": "https://ift.tt/HLUmYoE\nCVE-2023-50093 Exploit", "creation_timestamp": "2024-01-09T23:17:23.000000Z"}, {"uuid": "935f9060-499f-4d61-8512-11995ef62976", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50096", "type": "seen", "source": "https://t.me/ctinow/161398", "content": "https://ift.tt/1W3Plez\nCVE-2023-50096", "creation_timestamp": "2024-01-01T19:26:44.000000Z"}, {"uuid": "c7aa01da-ab5a-4575-a218-fb03420a7acc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50094", "type": "seen", "source": "https://t.me/ctinow/161397", "content": "https://ift.tt/yQqzlSD\nCVE-2023-50094", "creation_timestamp": "2024-01-01T19:26:43.000000Z"}, {"uuid": "672a6ce9-5dda-4d8b-8793-7371f58897f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-5009", "type": "seen", "source": 
"https://t.me/secmedia/1390", "content": "A dangerous vulnerability has been discovered in GitLab Community Edition and Enterprise Edition versions from 13.12 to 16.2.7 and from 16.3 to 16.3.4. The issue has been assigned the identifier CVE-2023-5009 and a CVSS score of 9.6.", "creation_timestamp": "2023-09-21T14:18:21.000000Z"}]}