An information disclosure issue in GitLab EE affecting all versions from 16.2 prior to 16.2.5, and 16.3 prior to 16.3.1 allowed other Group Owners to see the Public Key for a Google Cloud Logging audit event streaming destination, if configured. Owners can now only write the key, not read it.

Related CVEs

CVE-2023-3950

Key Information

GHSA ID

GHSA-5xhg-wqm3-8ww2

Published

September 1, 2023 12:30 PM

Last Modified

April 4, 2024 7:21 AM

CVSS Score

2.5 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: June 16, 2025 6:25 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.