3121 matches found
Information Disclosure
gitlab is vulnerable to information disclosure. The vulnerability is possible via the REST API via the GraphQL...
GitLab Information Disclosure Vulnerability (CNVD-2021-14193)
GitLab is a Ruby on Rails developed, self-hosted, Git version control system project repository application from GitLab, Inc. The program can be used to access the project's file contents, commit history, bug list , etc. Git is a free, open source distributed version control system. GitLab CE/EE...
CVE-2020-26417
Information disclosure via GraphQL in GitLab CE/EE 13.1 and later exposes private group and project membership. This affects versions =13.6 to =13.5 to =13.1 to 13.4.7...
CVE-2020-26413
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.4 before 13.6.2. Information disclosure via GraphQL results in user email being unexpectedly visible...
CVE-2020-26413
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.4 before 13.6.2. Information disclosure via GraphQL results in user email being unexpectedly visible...
CVE-2020-26417
Information disclosure via GraphQL in GitLab CE/EE 13.1 and later exposes private group and project membership. This affects versions =13.6 to =13.5 to =13.1 to 13.4.7...
CVE-2020-26415
Information about the starred projects for private user profiles was exposed via the GraphQL API starting from 12.2 via the REST API. This affects GitLab =12.2 to =13.5 to =13.6 to 13.6.2...
CVE-2020-26413
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.4 before 13.6.2. Information disclosure via GraphQL results in user email being unexpectedly visible...
CVE-2020-26417
Information disclosure via GraphQL in GitLab CE/EE 13.1 and later exposes private group and project membership. This affects versions =13.6 to =13.5 to =13.1 to 13.4.7...
Information disclosure
Information disclosure via GraphQL in GitLab CE/EE 13.1 and later exposes private group and project membership. This affects versions =13.6 to =13.5 to =13.1 to 13.4.7...
Information disclosure
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.4 before 13.6.2. Information disclosure via GraphQL results in user email being unexpectedly visible...
UBUNTU-CVE-2020-26415
Information about the starred projects for private user profiles was exposed via the GraphQL API starting from 12.2 via the REST API. This affects GitLab =12.2 to =13.5 to =13.6 to 13.6.2...
UBUNTU-CVE-2020-26413
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.4 before 13.6.2. Information disclosure via GraphQL results in user email being unexpectedly visible...
CVE-2020-26413
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.4 before 13.6.2. Information disclosure via GraphQL results in user email being unexpectedly visible...
CVE-2020-26413
Removed by vendor...
CVE-2020-26413
GitLab CE/EE versions 13.4 through 13.6.2 are affected by an information disclosure via GraphQL that exposes user email addresses. Root cause: GraphQL responses disclose sensitive user information. Impact: unauthorized users could view emails and related data through normal GraphQL queries. Remed...
CVE-2020-26417
Information disclosure via GraphQL in GitLab CE/EE 13.1 and later exposes private group and project membership. This affects versions =13.6 to =13.5 to =13.1 to 13.4.7...
CVE-2020-26417
Removed by vendor...
CVE-2020-26417
CVE-2020-26417 concerns information disclosure via GraphQL in GitLab CE/EE. Affected are GitLab versions: >=13.1 to =13.5 to =13.6 to
CVE-2020-26415
CVE-2020-26415: Information about starred projects for private user profiles was exposed via GitLab's GraphQL API starting from 12.2 via REST. Affected products/versions include GitLab 12.2–13.4.7, 13.5–13.5.5, and 13.6–13.6.2. The connected documents do not provide explicit fix versions or remed...