CVE-2023-0485: 
GitLab vulnerability analysis and mitigation

A vulnerability was discovered in GitLab affecting all versions from 13.11 before 15.8.5, all versions from 15.9 before 15.9.4, and all versions from 15.10 before 15.10.1. The vulnerability allowed project members who were demoted to guest role to read project updates by performing a diff comparison with a pre-existing fork (GitLab Security, CVE Mitre).

The vulnerability has been assigned a CVSS score of 6.5 (Medium severity) with the vector CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N. The issue specifically involves the 'Compare Git revisions' feature, where although security checks were properly implemented in the UI, the API lacked sufficient access controls. This allowed users with guest permissions to access repository content through the API endpoint for comparing revisions when they had access to a fork of the project (GitLab Security).

The vulnerability allowed unauthorized access to private project updates. Specifically, users who had been demoted from higher access levels to guest role could still read new code changes by comparing the current state with a pre-existing fork. This effectively bypassed the intended access restrictions for guest users in private projects (GitLab Issue).

The vulnerability was patched in GitLab versions 15.8.5, 15.9.4, and 15.10.1. Organizations are strongly recommended to upgrade to these or newer versions immediately. The fix was released as part of a security release that addressed multiple vulnerabilities (GitLab Security).

The vulnerability was initially reported through GitLab's HackerOne bug bounty program by security researcher shells3c. GitLab addressed the issue promptly through their security release process, demonstrating their commitment to addressing security vulnerabilities (GitLab Security).