11 matches found
EUVD-2024-31718
Malicious code in bioql PyPI...
The vulnerability of the Single Sign-On (SSO) authentication mechanism of the GitLab Duo Chat web interface, a software platform based on git for collaborative code development on GitLab, allows a malicious individual to gain unauthorized access to protected information.
The vulnerability of the Single Sign-On SSO authentication mechanism in the GitLab Duo Chat web interface of the git-based software platform for collaborative code development in GitLab is related to insufficient protection of sensitive data. Exploiting this vulnerability could allow an attacker,...
BIT-GITLAB-2024-3115 Exposure of Sensitive Information to an Unauthorized Actor in GitLab
An issue was discovered in GitLab EE affecting all versions starting from 16.0 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows an attacker to access issues and epics without having an SSO session using Duo Chat...
CVE-2024-3115
An issue was discovered in GitLab EE affecting all versions starting from 16.0 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows an attacker to access issues and epics without having an SSO session using Duo Chat...
CVE-2024-3115
An issue was discovered in GitLab EE affecting all versions starting from 16.0 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows an attacker to access issues and epics without having an SSO session using Duo Chat...
CVE-2024-3115 Exposure of Sensitive Information to an Unauthorized Actor in GitLab
An issue was discovered in GitLab EE affecting all versions starting from 16.0 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows an attacker to access issues and epics without having an SSO session using Duo Chat...
CVE-2024-3115
Removed by vendor...
CVE-2024-3115 Exposure of Sensitive Information to an Unauthorized Actor in GitLab
An issue was discovered in GitLab EE affecting all versions starting from 16.0 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows an attacker to access issues and epics without having an SSO session using Duo Chat...
CVE-2024-3115 Exposure of Sensitive Information to an Unauthorized Actor in GitLab
An issue was discovered in GitLab EE affecting all versions starting from 16.0 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows an attacker to access issues and epics without having an SSO session using Duo Chat...
GitLab Information Disclosure Vulnerability
GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery, and other features. An information disclosure vulnerability exists in GitLab EE, which stems from ...
PT-2024-4735 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab EE versions 16.0 through 16.11.4 GitLab EE versions 17.0 through 17.0.2 GitLab EE versions 17.1 through 17.1.0 Description: The issue allows an attacker to access issues and epics without having an SSO session using Duo Chat. This is...