1595 matches found
GitLab 授权问题漏洞
GitLab Enterprise Edition EE and GitLab Community Edition CE are both products of GitLab, Inc. GitLab Enterprise Edition is a content management system. GitLab Enterprise Edition is a content management system. GitLab Community Edition and GitLab Enterprise Edition have an authorization issue...
GitLab 授权问题漏洞
GitLab Enterprise Edition EE and GitLab Community Edition CE are both products of GitLab, Inc. GitLab Enterprise Edition is a content management system. GitLab Enterprise Edition is a content management system. GitLab Community Edition and GitLab Enterprise Edition have an authorization issue...
vulhub
This repository is an offensive tool for web application security training and testing. It is a collection of vulnerable web applications and tools for testing and training purposes. The repository contains a variety of vulnerable applications, including web servers, databases, and other web-base...
CVE-2022-1460
An issue has been discovered in GitLab affecting all versions starting from 9.2 before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1. GitLab was not performing correct authorizations on scheduled pipelines allowing a malicious user to run a...
CVE-2022-1433
An issue has been discovered in GitLab affecting all versions starting from 14.4 before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1. Missing invalidation of Markdown caching causes potential payloads from a previously exploitable XSS...
CVE-2022-1428
An issue has been discovered in GitLab affecting all versions before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1. GitLab was incorrectly verifying throttling limits for authenticated package requests which resulted in limits not being...
PT-2022-13904 · Gitlab · Gitlab
Name of the Vulnerable Software and Affected Versions: GitLab versions 9.2 through 14.8.5 GitLab versions 14.9 through 14.9.3 GitLab versions 14.10 through 14.10.0 Description: An issue has been discovered in GitLab where it was not performing correct authorizations on scheduled pipelines. This...
CVE-2022-1431
An issue has been discovered in GitLab affecting all versions starting from 12.10 before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1. GitLab was not correctly handling malicious requests to the PyPi API endpoint allowing the attacker to...
GitLab 输入验证错误漏洞
GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery and other features. An input validation error vulnerability exists in Gitlab Community Edition...
GitLab 信息泄露漏洞
GitLab Enterprise Edition EE and GitLab Community Edition CE are both products of GitLab, Inc. GitLab Enterprise Edition is a content management system. GitLab Community Edition is a community edition of GitLab. An information disclosure vulnerability exists in Gitlab Community Edition versions...
GitLab 访问控制错误漏洞
GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery and other features. An Access Control Error vulnerability exists in Gitlab Community Edition versio...
CVE-2022-0477
An issue has been discovered in GitLab affecting all versions starting from 11.9 before 14.5.4, all versions starting from 14.6.0 before 14.6.4, all versions starting from 14.7.0 before 14.7.1. GitLab was not correctly handling bulk requests to delete existing packages from the package registries...
PT-2022-13202 · Gitlab · Gitlab
Name of the Vulnerable Software and Affected Versions: GitLab versions 11.9 through 14.5.3 GitLab versions 14.6.0 through 14.6.3 GitLab versions 14.7.0 Description: An issue has been discovered in GitLab where it was not correctly handling bulk requests to delete existing packages from the packag...
The vulnerability of the Git-based software platform for collaborative code development on GitLab, related to deficiencies in authentication mechanisms, allows attackers to gain unauthorized access to protected information.
The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to deficiencies in the authentication mechanism. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information using...
The vulnerability of the Git-based software platform for collaborative code development on GitLab stems from the lack of protective measures for website structures, allowing attackers to perform cross-site scripting attacks.
The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks using specially created links...
The vulnerability of the Git-based software platform for collaborative code development on GitLab, related to incorrect authentication, allows a perpetrator to compromise data integrity.
The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to incorrect authentication. Exploiting this vulnerability allows a malicious actor to influence the integrity of data...
The vulnerability of the Git-based software platform for collaborative code development on GitLab, related to incorrect authentication, allows a perpetrator to access confidential data.
The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to incorrect authentication. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain access to confidential data...
The vulnerability of the Git-based software platform for collaborative code development on GitLab, related to insufficient input data validation, allows a hacker to trigger a service failure.
The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor, operating remotely, to cause service failures...
The vulnerability of the Git-based software platform for collaborative code development on GitLab stems from the lack of protective measures for website structures, allowing attackers to compromise data integrity.
The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to compromise the integrity of data...
The vulnerability of the Git-based software platform’s GraphQL component allows a hacker to influence the integrity of data during collaborative code development on GitLab.
The vulnerability of the GraphQL component of the software platform based on Git for collaborative code development on GitLab is related to the lack of checking for the presence of the X-CSRF-Token header in GET requests. Exploiting this vulnerability allows an attacker to compromise data integri...