9 matches found
CVE-2026-58421
CVE-2026-58421 affects Gitea via CODEOWNERS pattern matching, enabling an unauthenticated ReDoS and potential denial of service. The connected documents indicate a fix in Gitea v1.26.4 (release tag v1.26.4 and related advisories) and provide links to the security advisory and PR that introduced t...
EUVD-2023-58949
Malicious code in bioql PyPI...
GitLab 11.3 < 16.7.6 / 16.8 < 16.8.3 / 16.9 < 16.9.1 (CVE-2023-6736)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab EE affecting all versions starting from 11.3 before 16.7.6, all versions starting from 16.8 before 16.8.3, all versions starting from 16.9 before 16.9.1. It was...
Denial of service
An issue has been discovered in GitLab EE affecting all versions starting from 11.3 before 16.7.6, all versions starting from 16.8 before 16.8.3, all versions starting from 16.9 before 16.9.1. It was possible for an attacker to cause a client-side denial of service using maliciously crafted content...
CVE-2023-6736 Inefficient Regular Expression Complexity in GitLab
An issue has been discovered in GitLab EE affecting all versions starting from 11.3 before 16.7.6, all versions starting from 16.8 before 16.8.3, all versions starting from 16.9 before 16.9.1. It was possible for an attacker to cause a client-side denial of service using maliciously crafted content...
CVE-2023-6736
Removed by vendor...
The vulnerability in GitLab, the Git-based platform for collaborative code development, stems from deficiencies in access control. This allows attackers to gain read, edit, or delete access to data.
The vulnerability in GitLab, the Git-based platform for collaborative code development, is related to deficiencies in restricting access to the CODEOWNERS file. Exploiting this vulnerability could allow a malicious actor to gain read, edit, or delete access to data...
PT-2023-8247 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab EE versions 15.3 through 16.5.6; GitLab EE versions 16.6 through 16.6.4; GitLab EE versions 16.7 through 16.7.2. Description: The issue is related to insufficient access control to the CODEOWNERS file in GitLab EE, allowing a remote...
PT-2020-13489 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab EE versions 10.2 through 13.3.8; GitLab EE versions 13.4 through 13.4.4; GitLab EE versions 13.5 through 13.5.1. Description: An issue has been discovered in GitLab EE where required CODEOWNERS approval could be bypassed by targeting a...