PT-2020-13418 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 10.6 through 13.0.5 Description: An authorization issue in the mirroring logic allowed read access to private repositories. Recommendations: For GitLab CE/EE versions 10.6 through 13.0.5, update to a version later than...

OPENSUSE-SU-2019:1527-1 Security update for rmt-server

This update for rmt-server to version 2.1.4 fixes the following issues: - Fix duplicate nginx location in rmt-server-pubcloud bsc1135222 - Mirror additional repos that were enabled during mirroring bsc1132690 - Make service IDs consistent across different RMT instances bsc1134428 - Make SMT data...

CVE-2017-11437

GitLab Enterprise Edition EE before 8.17.7, 9.0.11, 9.1.8, 9.2.8, and 9.3.8 allows an authenticated user with the ability to create a project to use the mirroring feature to potentially read repositories belonging to other users...