6 matches found
Design/Logic Flaw
An issue has been discovered in GitLab EE affecting all versions starting from 11.6 before 16.3.6, all versions starting from 16.4 before 16.4.2, all versions starting from 16.5 before 16.5.1. It was possible for an unauthorised project or group member to read the CI/CD variables using the custom...
PT-2023-24618 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab EE versions 11.6 through 16.3.5 GitLab EE versions 16.4 through 16.4.1 GitLab EE versions 16.5 through 16.5.0 Description: An issue has been discovered in GitLab EE, where it was possible for an unauthorized project or group member to...
UBUNTU-CVE-2021-39930
Missing authorization in GitLab EE versions between 12.4 and 14.3.6, between 14.4.0 and 14.4.4, and between 14.5.0 and 14.5.2 allowed an attacker to access a user's custom project and group templates...
GitLab Privilege Control Error Vulnerability
GitLab is an open source application developed using Ruby on Rails that implements a self-hosted Git project repository that can be accessed through a web interface for public and private projects. A privilege control error vulnerability exists in GitLab 11.2 and later versions, which can be...
UBUNTU-CVE-2020-13343
An issue has been discovered in GitLab affecting all versions starting from 11.2. Unauthorized Users Can View Custom Project Template...
PT-2020-13484 · Gitlab · Gitlab
Name of the Vulnerable Software and Affected Versions: GitLab versions 11.2 and later Description: An issue has been discovered in GitLab that allows unauthorized users to view custom project templates. Recommendations: For GitLab versions 11.2 and later, at the moment, there is no information...