3125 matches found
CVE-2022-0172
An issue has been discovered in GitLab CE/EE affecting all versions starting with 12.3. Under certain conditions it was possible to bypass the IP restriction for public projects through GraphQL allowing unauthorised users to read titles of issues, merge requests and milestones...
CVE-2022-0152
An issue has been discovered in GitLab affecting all versions starting from 13.10 before 14.4.5, all versions starting from 14.5.0 before 14.5.3, all versions starting from 14.6.0 before 14.6.2. GitLab was vulnerable to unauthorized access to some particular fields through the GraphQL API...
CVE-2022-0152
An issue has been discovered in GitLab affecting all versions starting from 13.10 before 14.4.5, all versions starting from 14.5.0 before 14.5.3, all versions starting from 14.6.0 before 14.6.2. GitLab was vulnerable to unauthorized access to some particular fields through the GraphQL API...
CVE-2022-0172
An issue has been discovered in GitLab CE/EE affecting all versions starting with 12.3. Under certain conditions it was possible to bypass the IP restriction for public projects through GraphQL allowing unauthorised users to read titles of issues, merge requests and milestones...
CVE-2022-0152
An issue has been discovered in GitLab affecting all versions starting from 13.10 before 14.4.5, all versions starting from 14.5.0 before 14.5.3, all versions starting from 14.6.0 before 14.6.2. GitLab was vulnerable to unauthorized access to some particular fields through the GraphQL API...
Design/Logic Flaw
An issue has been discovered in GitLab affecting all versions starting from 13.10 before 14.4.5, all versions starting from 14.5.0 before 14.5.3, all versions starting from 14.6.0 before 14.6.2. GitLab was vulnerable to unauthorized access to some particular fields through the GraphQL API...
Design/Logic Flaw
An issue has been discovered in GitLab CE/EE affecting all versions starting with 12.3. Under certain conditions it was possible to bypass the IP restriction for public projects through GraphQL allowing unauthorised users to read titles of issues, merge requests and milestones...
UBUNTU-CVE-2022-0172
An issue has been discovered in GitLab CE/EE affecting all versions starting with 12.3. Under certain conditions it was possible to bypass the IP restriction for public projects through GraphQL allowing unauthorised users to read titles of issues, merge requests and milestones...
UBUNTU-CVE-2022-0152
An issue has been discovered in GitLab affecting all versions starting from 13.10 before 14.4.5, all versions starting from 14.5.0 before 14.5.3, all versions starting from 14.6.0 before 14.6.2. GitLab was vulnerable to unauthorized access to some particular fields through the GraphQL API...
CVE-2022-0152
An issue has been discovered in GitLab affecting all versions starting from 13.10 before 14.4.5, all versions starting from 14.5.0 before 14.5.3, all versions starting from 14.6.0 before 14.6.2. GitLab was vulnerable to unauthorized access to some particular fields through the GraphQL API...
CVE-2022-0152
The CVE-2022-0152 issue affects GitLab and is described as an unauthorized access vulnerability in the GraphQL API. Affected versions include all from 13.10 up to 14.4.5 (i.e., 13.10–14.4.4), all from 14.5.0 up to 14.5.3 (i.e., 14.5.0–14.5.2), and all from 14.6.0 up to 14.6.2 (i.e., 14.6.0–14.6.1...
CVE-2022-0152
An issue has been discovered in GitLab affecting all versions starting from 13.10 before 14.4.5, all versions starting from 14.5.0 before 14.5.3, all versions starting from 14.6.0 before 14.6.2. GitLab was vulnerable to unauthorized access to some particular fields through the GraphQL API...
CVE-2022-0152
Removed by vendor...
CVE-2022-0172
An issue has been discovered in GitLab CE/EE affecting all versions starting with 12.3. Under certain conditions it was possible to bypass the IP restriction for public projects through GraphQL allowing unauthorised users to read titles of issues, merge requests and milestones...
CVE-2022-0172
GitLab CVE-2022-0172 affects GitLab CE/EE versions starting with 12.3. Under certain conditions, an authenticated bypass was possible via GraphQL that allowed unauthenticated users to read titles of issues, merge requests, and milestones for public projects. The primary sources here are CVE-2022-...
CVE-2022-0172
Removed by vendor...
CVE-2022-0172
An issue has been discovered in GitLab CE/EE affecting all versions starting with 12.3. Under certain conditions it was possible to bypass the IP restriction for public projects through GraphQL allowing unauthorised users to read titles of issues, merge requests and milestones...
PT-2022-13008 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 12.3 and later Description: An issue has been discovered in GitLab CE/EE, where under certain conditions, it was possible to bypass the IP restriction for public projects through GraphQL. This allowed unauthorized users ...
PT-2022-12997 · Gitlab · Gitlab
Name of the Vulnerable Software and Affected Versions: GitLab versions 13.10 through 14.4.4 GitLab versions 14.5.0 through 14.5.2 GitLab versions 14.6.0 through 14.6.1 Description: An issue has been discovered in GitLab, allowing unauthorized access to certain fields through the GraphQL API...
GitLab 安全漏洞
GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery, and other features. Gitlab has a security vulnerability that stems from the software's lack of...