27 matches found
CVE-2021-22225
Insufficient input sanitization in markdown in GitLab version 13.11 and up allows an attacker to exploit a stored cross-site scripting vulnerability via a specially-crafted markdown...
EUVD-2021-9371
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2021-22225
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient input sanitization in markdown in GitLab version 13.11 and up allows an attacker to exploit a stored cross-site scripting vulnerability via a...
Linux Distros Unpatched Vulnerability : CVE-2023-0989
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An information disclosure issue in GitLab CE/EE affecting all versions starting from 13.11 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1 allow...
CVE-2023-7045
A CSRF vulnerability exists within GitLab CE/EE from versions 13.11 before 16.10.6, from 16.11 before 16.11.3, from 17.0 before 17.0.1. By leveraging this vulnerability, an attacker could exfiltrate anti-CSRF tokens via the Kubernetes Agent Server (KAS)...
CVE-2023-7045
CVE-2023-7045 affects GitLab CE/EE: versions 13.11 before 16.10.6, 16.11 before 16.11.3, and 17.0 before 17.0.1. Root cause described as a CSRF vulnerability that could allow an attacker to exfiltrate anti-CSRF tokens via the Kubernetes Agent Server (KAS). Impact is limited to token leakage (CSRF...
GitLab 13.11 < 13.11.7 / 13.12 < 13.12.8 / 14.0 < 14.0.4 (CVE-2021-22234)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.11 before 13.11.7, all versions starting from 13.12 before 13.12.8, and all versions starting from 14.0 before...
GitLab 13.11 < 15.5.7 / 15.6 < 15.6.4 / 15.7 < 15.7.2 (CVE-2022-4167)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Incorrect Authorization check affecting all versions of GitLab EE from 13.11 prior to 15.5.7, 15.6 prior to 15.6.4, and 15.7 prior to 15.7.2 allows group access tokens to continue working even after t...
libpq security update
13.11-1 - Rebase to 13.11 Resolves: 2171369...
libpq security update
13.11-1 - Update to 13.11 Resolves: 2171370...
CVE-2023-0989
An information disclosure issue in GitLab CE/EE affecting all versions starting from 13.11 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1 allows an attacker to extract non-protected CI/CD variables by tricking a user to visit a fork with a malicious CI/CD configuration...
CVE-2023-0989 Improper Ownership Management in GitLab
An information disclosure issue in GitLab CE/EE affecting all versions starting from 13.11 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1 allows an attacker to extract non-protected CI/CD variables by tricking a user to visit a fork with a malicious CI/CD configuration...
PT-2023-16670 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 13.11 through 16.2.7 GitLab CE/EE versions 16.3 through 16.3.4 GitLab CE/EE versions 16.4 through 16.4.0 Description: An information disclosure issue in GitLab CE/EE allows an attacker to extract non-protected CI/CD...
postgresql:13 security update
pgaudit pgrepack postgres-decoderbufs postgresql 13.11-1.0.1 - Update to 13.11 - Resolves: 2212815 - Update postgresql-setup to 8.7 https://github.com/devexp-db/postgresql-setup/pull/35 - Resolves: 2207933 - Update 1001-Fixed-postgresql-service-network-binding-issue.patch for postgresql-setup...
postgresql security update
13.11-1.0.1 - Fixed postgresql port binding issue during bootup Orabug: 35420628 13.11-1 - Update to 13.11 - Resolves: 2207935...
SUSE-SU-2023:2219-1 Security update for postgresql13
This update for postgresql13 fixes the following issues: Updated to version 13.11: - CVE-2023-2454: Fixed an issue where a user having permission to create a schema could hijack the privileges of a security definer function or extension script bsc1211228. - CVE-2023-2455: Fixed an issue that coul...
CVE-2023-0485
An issue has been discovered in GitLab affecting all versions starting from 13.11 before 15.8.5, all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1. It was possible for a project member demoted to a user role to read project updates by doing a diff wit...
GitLab Enterprise Edition and GitLab Community Edition Security Vulnerability
GitLab Enterprise Edition (EE) and GitLab Community Edition (CE) are both products of GitLab, Inc. GitLab Enterprise Edition is a content management system. A security vulnerability in GitLab CE/EE versions 13.11 through 15.5.7 prior, 15.6...
CVE-2022-1940
Removed by vendor...
CVE-2022-1940
A Stored Cross-Site Scripting vulnerability in Jira integration in GitLab EE affecting all versions from 13.11 prior to 14.9.5, 14.10 prior to 14.10.4, and 15.0 prior to 15.0.1 allows an attacker to execute arbitrary JavaScript code in GitLab on a victim's behalf via specially crafted Jira Issues...