EUVD-2022-35132

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2022-2904

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A cross-site scripting issue has been discovered in GitLab CE/EE affecting all versions starting from 15.2 before 15.2.5, all versions starting from 15.3 before...

CVE-2022-2904

A cross-site scripting issue has been discovered in GitLab CE/EE affecting all versions starting from 15.2 before 15.2.5, all versions starting from 15.3 before 15.3.4, all versions starting from 15.4 before 15.4.1 It was possible to exploit a vulnerability in the external status checks feature...

Improper Authorization

gitlab is vulnerable to Improper Authorization. The vulnerability occurs due to a lack of access control allowing authenticated users to retrieve configurations of any external status checks...

CVE-2022-2904

A cross-site scripting issue has been discovered in GitLab CE/EE affecting all versions starting from 15.2 before 15.2.5, all versions starting from 15.3 before 15.3.4, all versions starting from 15.4 before 15.4.1 It was possible to exploit a vulnerability in the external status checks feature...

UBUNTU-CVE-2022-2904

A cross-site scripting issue has been discovered in GitLab CE/EE affecting all versions starting from 15.2 before 15.2.5, all versions starting from 15.3 before 15.3.4, all versions starting from 15.4 before 15.4.1 It was possible to exploit a vulnerability in the external status checks feature...

GitLab 跨站脚本漏洞

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery and other features. A security vulnerability exists in GitLab CE/EE versions 15.3 through 15.3.4 an...

PT-2022-19379 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 15.2 through 15.2.4 GitLab CE/EE versions 15.3 through 15.3.3 GitLab CE/EE versions 15.4 through 15.4.0 Description: A cross-site scripting issue has been discovered in GitLab CE/EE, affecting the external status checks...

CVE-2022-2904

Removed by vendor...

CVE-2022-2904

A cross-site scripting issue has been discovered in GitLab CE/EE affecting all versions starting from 15.2 before 15.2.5, all versions starting from 15.3 before 15.3.4, all versions starting from 15.4 before 15.4.1 It was possible to exploit a vulnerability in the external status checks feature...

GitLab: "External status checks" can be accepted by users below developer access if the user is either author or assignee of the target merge request

Summary Any user who is either author or assignee of a merge request can approve that merge request's external status checks. This includes users with Guest access that creates MR's either through email or through a fork of the project. It also includes users with Guest or Reporter access getting...