10 matches found
CVE-2024-4660
An issue has been discovered in GitLab EE affecting all versions starting from 11.2 before 17.1.7, all versions starting from 17.2 before 17.2.5, all versions starting from 17.3 before 17.3.2. It was possible for a guest to read the source code of a private project by using group templates...
BIT-GITLAB-2024-4660 Missing Authorization in GitLab
An issue has been discovered in GitLab EE affecting all versions starting from 11.2 before 17.1.7, all versions starting from 17.2 before 17.2.5, all versions starting from 17.3 before 17.3.2. It was possible for a guest to read the source code of a private project by using group templates...
CVE-2024-4660 Missing Authorization in GitLab
An issue has been discovered in GitLab EE affecting all versions starting from 11.2 before 17.1.7, all versions starting from 17.2 before 17.2.5, all versions starting from 17.3 before 17.3.2. It was possible for a guest to read the source code of a private project by using group templates...
CVE-2024-4660 Missing Authorization in GitLab
An issue has been discovered in GitLab EE affecting all versions starting from 11.2 before 17.1.7, all versions starting from 17.2 before 17.2.5, all versions starting from 17.3 before 17.3.2. It was possible for a guest to read the source code of a private project by using group templates...
CVE-2024-4660
Removed by vendor...
CVE-2024-4660 Missing Authorization in GitLab
An issue has been discovered in GitLab EE affecting all versions starting from 11.2 before 17.1.7, all versions starting from 17.2 before 17.2.5, all versions starting from 17.3 before 17.3.2. It was possible for a guest to read the source code of a private project by using group templates...
CVE-2024-4660
CVE-2024-4660 concerns GitLab Enterprise Edition (EE). Affected: all versions 11.2–17.1.7, 17.2 up to 17.2.5, and 17.3 up to 17.3.2. Description: a guest could read the source code of a private project by exploiting group templates. Impact: confidentiality loss of private project source code. The...
UBUNTU-CVE-2021-39930
Missing authorization in GitLab EE versions between 12.4 and 14.3.6, between 14.4.0 and 14.4.4, and between 14.5.0 and 14.5.2 allowed an attacker to access a user's custom project and group templates...
PT-2021-22769 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab EE versions 12.4 through 14.3.6 GitLab EE versions 14.4.0 through 14.4.4 GitLab EE versions 14.5.0 through 14.5.2 Description: The issue concerns missing authorization, allowing an attacker to access a user's custom project and group...
GitLab 信息泄露漏洞
GitLab is an open source, end-to-end software development platform from US-based GitLab with built-in version control, issue tracking, code review, CI/CD continuous integration and continuous delivery, and other features. An information disclosure vulnerability exists in GitLab Community Edition,...