19 matches found
EUVD-2024-28171
Malicious code in bioql PyPI...
EUVD-2022-51416
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-3870
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.0 before 15.5.7, all versions starting from 15.6 before 15.6.4, all version...
Linux Distros Unpatched Vulnerability : CVE-2022-3573
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 15.5.7, all versions starting from 15.6 before 15.6.4, all version...
Linux Distros Unpatched Vulnerability : CVE-2023-0042
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.4 prior to 15.5.7, 15.6 prior to 15.6.4, and 15.7 prior to 15.7.2. GitLab...
Linux Distros Unpatched Vulnerability : CVE-2022-3613
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions before 15.5.7, all versions starting from 15.6 before 15.6.4, all versions starting from 15....
CVE-2024-30240
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Typps Calendarista.This issue affects Calendarista: from n/a through 15.5.7...
VulnCheck KEV: CVE-2022-3573
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 15.5.7, all versions starting from 15.6 before 15.6.4, all versions starting from 15.7 before 15.7.2. Due to the improper filtering of query parameters in the wiki changes page, an attacker can execute...
GitLab 11.4 < 15.5.7 / 15.6 < 15.6.4 / 15.7 < 15.7.2 (CVE-2023-0042)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.4 prior to 15.5.7, 15.6 prior to 15.6.4, and 15.7 prior to 15.7.2. GitLab Pages allows redirection to arbitrary...
GitLab 15.1 < 15.5.7 / 15.6 < 15.6.4 / 15.7 < 15.7.2 (CVE-2022-4342)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.1 before 15.5.7, all versions starting from 15.6 before 15.6.4, all versions starting from 15.7 before 15.7.2. A...
GitLab 13.11 < 15.5.7 / 15.6 < 15.6.4 / 15.7 < 15.7.2 (CVE-2022-4167)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Incorrect Authorization check affecting all versions of GitLab EE from 13.11 prior to 15.5.7, 15.6 prior to 15.6.4, and 15.7 prior to 15.7.2 allows group access tokens to continue working even after t...
UBUNTU-CVE-2022-3613
An issue has been discovered in GitLab CE/EE affecting all versions before 15.5.7, all versions starting from 15.6 before 15.6.4, all versions starting from 15.7 before 15.7.2. A crafted Prometheus Server query can cause high resource consumption and may lead to Denial of Service...
Input validation
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 15.5.7, all versions starting from 15.6 before 15.6.4, all versions starting from 15.7 before 15.7.2. Due to the improper filtering of query parameters in the wiki changes page, an attacker can execute...
UBUNTU-CVE-2022-4365
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.8 before 15.5.7, all versions starting from 15.6 before 15.6.4, all versions starting from 15.7 before 15.7.2. A malicious Maintainer can leak the sentry token by changing the configured URL in the Sentry error...
PT-2023-13439 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 6.6 through 15.5.7 GitLab CE/EE versions 15.6 through 15.6.4 GitLab CE/EE versions 15.7 through 15.7.2 Description: An issue has been discovered in GitLab CE/EE that affects various versions. The problem is related to a...
PT-2023-13448 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 15.4 through 15.5.7 GitLab CE/EE versions 15.6 through 15.6.4 GitLab CE/EE versions 15.7 through 15.7.2 Description: The issue arises from inadequate filtering of query parameters on the wiki changes page, allowing an...
PT-2023-13456 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions prior to 15.5.7 GitLab CE/EE versions 15.6.0 through 15.6.3 GitLab CE/EE versions 15.7.0 through 15.7.1 Description: An issue has been discovered in GitLab CE/EE where a crafted Prometheus Server query can cause high...
CVE-2022-3573
CVE-2022-3573 affects GitLab CE/EE, with versions 15.4 up to before 15.5.7; 15.6 before 15.6.4; and 15.7 before 15.7.2. The issue stems from improper filtering of query parameters on the wiki changes page, allowing an attacker to execute arbitrary JavaScript on self-hosted instances that do not e...
CVE-2022-3613
Removed by vendor...