GitLab 跨站脚本漏洞

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A security vulnerability exists in GitLab, where an...

GitLab 安全漏洞

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A security vulnerability exists in GitLab CE/EE, which...

PT-2021-6757 · Gitlab · Gitlab

Name of the Vulnerable Software and Affected Versions: GitLab versions 13.12 through 13.12.5 GitLab versions 14.0.0 through 14.0.1 Description: A cross-site request forgery issue in the GraphQL API allows an attacker to call mutations as the victim. The vulnerability is related to the lack of...

PT-2021-6698 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 8.0 and later Description: The issue is related to incorrect handling of the username variable, allowing a remote attacker to cause a denial of service. This can lead to the rejection of access to a user's profile page v...

UBUNTU-CVE-2021-22223

Client-Side code injection through Feature Flag name in GitLab CE/EE starting with 11.9 allows a specially crafted feature flag name to PUT requests on behalf of other users via clicking on a link...

GitLab安全漏洞

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. An access control error vulnerability exists in GitLab...

GitLab访问控制错误漏洞

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. An Access Control Error vulnerability exists in GitLab...

PT-2021-6759 · Gitlab · Gitlab

Name of the Vulnerable Software and Affected Versions: GitLab versions prior to 13.11.6 GitLab versions 13.12 through 13.12.5 GitLab versions 14.0 through 14.0.1 Description: An issue has been discovered in GitLab related to improper access control when using GraphQL, allowing unauthorized users ...

GitLab 跨站脚本漏洞

GitLab is a self-hosted, Git version control system project repository application developed in Ruby on Rails by GitLab, Inc. The application can be used to access a project's file content, commit history, bug list, etc. A security vulnerability exists in GitLab, which stems from a CSRF on the...

Vulnerabilities fixed in GitLab

Vulnerabilities have been fixed in GitLab. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Cross-Site Request Forgery XSRF. Cross-Site Scripting XSS Denial-of-Service DoS. Circumvention of security measure. Remote code execution Use...

GitLab 代码问题漏洞

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. GitLab A cross-site request forgery vulnerability exists ...

UBUNTU-CVE-2021-22216

A denial of service vulnerability in all versions of GitLab CE/EE before 13.12.2, 13.11.5 or 13.10.5 allows an attacker to cause uncontrolled resource consumption with a very long issue or merge request description...

UBUNTU-CVE-2021-22213

A cross-site leak vulnerability in the OAuth flow of all versions of GitLab CE/EE since 7.10 allowed an attacker to leak an OAuth access token by getting the victim to visit a malicious page with Safari...

UBUNTU-CVE-2021-22217

A denial of service vulnerability in all versions of GitLab CE/EE before 13.12.2, 13.11.5 or 13.10.5 allows an attacker to cause uncontrolled resource consumption with a specially crafted issue or merge request...

GitLab 资源管理错误漏洞

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A resource management error vulnerability exists in GitLa...

GitLab CE/EE 日志信息泄露漏洞

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. An information disclosure vulnerability exists in GitLab...

GitLab 安全漏洞

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. GitLab suffers from a Resource Management Error...

GitLab 代码问题漏洞

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. An access control error vulnerability exists in Gitlab th...

GitLab 安全漏洞

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A security vulnerability exists in GitLab CE EE, which...

PT-2021-6601 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 13.3 and later Description: The issue is related to improper authorization in GitLab, allowing users to view and delete impersonation tokens created by administrators for their account. This can be exploited by a remote...