Lucene search
K

13 matches found

OSV
OSV
added 2024/03/06 11:8 a.m.36 views

BIT-GITLAB-2023-2200 Improper Encoding or Escaping of Output in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions starting from 7.14 before 15.11.10, all versions starting from 16.0 before 16.0.6, all versions starting from 16.1 before 16.1.1, which allows an attacker to inject HTML in an email address field...

5.4CVSS4.6AI score0.0046EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/07/21 12:0 a.m.6 views

PT-2023-25026 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab EE versions 12.8 through 15.11.10 GitLab EE versions 16.0 through 16.0.6 GitLab EE versions 16.1 through 16.1.1 Description: An issue has been discovered in GitLab EE, allowing an attacker to change the name or path of a public top-lev...

8CVSS6.5AI score0.00582EPSS
Exploits0References9
NVD
NVD
added 2023/07/13 3:15 a.m.23 views

CVE-2023-2620

An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.1 prior to 15.11.10, all versions from 16.0 prior to 16.0.6, all versions from 16.1 prior to 16.1.1. A maintainer could modify a webhook URL to leak masked webhook secrets by manipulating other masked portions...

5.5CVSS0.00549EPSS
Exploits0References2
Prion
Prion
added 2023/07/13 3:15 a.m.26 views

Design/Logic Flaw

An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.3 before 15.11.10, all versions starting from 16.0 before 16.0.6, all versions starting from 16.1 before 16.1.1. A Regular Expression Denial of Service was possible via sending crafted payloads to the...

5CVSS7.2AI score0.00905EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2023/07/13 3:15 a.m.23 views

Design/Logic Flaw

An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.7 before 15.11.10, all versions starting from 16.0 before 16.0.6, all versions starting from 16.1 before 16.1.1. This allowed a developer to remove the CODEOWNERS rules and merge to a protected branch...

4CVSS4.3AI score0.00473EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2023/07/13 2:8 a.m.21 views

CVE-2023-2576 Incorrect Authorization in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.7 before 15.11.10, all versions starting from 16.0 before 16.0.6, all versions starting from 16.1 before 16.1.1. This allowed a developer to remove the CODEOWNERS rules and merge to a protected branch...

4.3CVSS4.6AI score0.00473EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2023/07/13 2:8 a.m.26 views

CVE-2023-3363

Removed by vendor...

3.9CVSS5.8AI score0.00185EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2023/07/13 2:0 a.m.15 views

CVE-2023-2190 Authorization Bypass Through User-Controlled Key in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.10 before 15.11.10, all versions starting from 16.0 before 16.0.6, all versions starting from 16.1 before 16.1.1. It may be possible for users to view new commits to private projects in a fork created while the...

6.5CVSS6.3AI score0.00663EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/07/13 12:0 a.m.3 views

GitLab 注入漏洞

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery and other features. A security vulnerability exists in GitLab CE/EE versions 15.3 through 15.11.10,...

6.5CVSS6.7AI score0.00521EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/07/13 12:0 a.m.8 views

PT-2023-18352 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 13.10 through 15.11.10 GitLab CE/EE versions 16.0 through 16.0.6 GitLab CE/EE versions 16.1 through 16.1.1 Description: An issue has been discovered in GitLab CE/EE that may allow users to view new commits to private...

6.5CVSS6AI score0.00663EPSS
Exploits0References11
Debian CVE
Debian CVE
added 2023/07/11 7:58 a.m.20 views

CVE-2023-1936

Removed by vendor...

4.3CVSS5.8AI score0.00581EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2023/07/11 12:0 a.m.5 views

PT-2023-17352 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 13.7 through 15.11.10 GitLab CE/EE versions 16.0 through 16.0.6 GitLab CE/EE versions 16.1 through 16.1.1 Description: An issue has been discovered in GitLab CE/EE, which allows an attacker to leak the email address of a...

4.3CVSS6.5AI score0.00581EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2023/06/29 12:0 a.m.24 views

GitLab 13.7 < 15.11.10 / 16.0 < 16.0.6 / 16.1 < 16.1.1 (CVE-2023-1936)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.7 before 15.11.10, all versions starting from 16.0 before 16.0.6, all versions starting from 16.1 before 16.1.1,...

4.3CVSS5.1AI score0.00581EPSS
Exploits0References4
Rows per page
Query Builder