{"vulnerability": "CVE-2023-5995", "sightings": [{"uuid": "f4614f02-d80a-43d4-87ca-59c01cdbfe83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-5995", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/17245", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-5995\n\ud83d\udd25 CVSS Score: 4.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N)\n\ud83d\udd39 Description: An issue has been discovered in GitLab EE affecting all versions starting from 16.2 before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. It was possible for an attacker to abuse the policy bot to gain access to internal projects.\n\ud83d\udccf Published: 2023-12-01T07:01:28.253Z\n\ud83d\udccf Modified: 2025-05-22T04:09:54.333Z\n\ud83d\udd17 References:\n1. https://gitlab.com/gitlab-org/gitlab/-/issues/425361\n2. https://hackerone.com/reports/2138880", "creation_timestamp": "2025-05-22T04:44:12.000000Z"}, {"uuid": "2adb680b-349a-477a-9fd5-068d00c6e7bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-5995", "type": "seen", "source": "https://t.me/ctinow/157875", "content": "https://ift.tt/wkdVah7\nCVE-2023-5995 | GitLab Enterprise Edition prior 16.4.3/16.5.3/16.6.1 Internal Project access control (Issue 42536)", "creation_timestamp": "2023-12-21T18:48:31.000000Z"}]}