CVE-2023-5831

Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 16.0 through 16.3.5 GitLab CE/EE versions 16.4 through 16.4.1 GitLab CE/EE versions 16.5.0

Description An issue has been discovered in GitLab CE/EE which may unintentionally disclose GitLab version metadata to unauthorized actors. This issue affects versions with the super sidebar logged out feature flag enabled.

Recommendations For versions 16.0 through 16.3.5, update to version 16.3.6 or later to resolve the issue. For versions 16.4 through 16.4.1, update to version 16.4.2 or later to resolve the issue. For version 16.5.0, update to version 16.5.1 or later to resolve the issue. As a temporary workaround, consider disabling the super sidebar logged out feature flag until a patch is available.