CVSS 3.1 Score 4.3 of 10 (medium)


Published Sep 29, 2023
Updated: Oct 3, 2023
CWE ID 345


CVE-2023-3920 is a medium-severity vulnerability affecting all versions of GitLab from 11.2 to 16.4.1. It allows a maintainer to create a fork relationship between existing projects, which contradicts the documented behavior. The CVSS base score of 4.3 (medium) reflects a network attack vector, low privileges required, and no user interaction, with a potential impact on integrity but no impact on confidentiality. The vulnerability has not been remediated and poses a potential danger to organizations using affected versions of GitLab.

