6 matches found
CVE-2021-22210
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.2. When querying the repository branches through API, GitLab was ignoring a query parameter and returning a considerable amount of results...
UBUNTU-CVE-2021-22210
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.2. When querying the repository branches through API, GitLab was ignoring a query parameter and returning a considerable amount of results...
CVE-2021-22210
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.2. When querying the repository branches through API, GitLab was ignoring a query parameter and returning a considerable amount of results...
CVE-2021-22210
CVE-2021-22210 affects GitLab CE/EE starting from 13.2. Root cause: API call to query repository branches ignores a query parameter, causing GitLab to return a large number of results. The issue is addressed in upstream GitLab security releases and fixed in GitLab versions 13.11.2, 13.10.4, and 1...
CVE-2021-22210
Removed by vendor...
FreeBSD : Gitlab -- Vulnerabilities (518a119c-a864-11eb-8ddb-001b217b3468)
Gitlab reports : Read API scoped tokens can execute mutations Pull mirror credentials were exposed Denial of Service when querying repository branches API Non-owners can set systemnotetimestamp when creating / updating issues DeployToken will impersonate a User with the same ID when using...