Lucene search
K

17 matches found

OSV
OSV
added 2026/07/03 4:16 p.m.3 views

UBUNTU-CVE-2026-14615

A flaw was found in the Fine-Grained Admin Permissions FGAP v2 implementation within Keycloak's administrative services. When FGAP v2 is enabled, the system fails to properly filter child groups based on the caller's specific permissions when requested through a parent group. This allows a...

4.3CVSS5.9AI score0.00172EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/07/03 3:47 p.m.6 views

CVE-2026-14615 Keycloak-services: keycloak: fgap v2 parent group children endpoint bypasses per-child view permission filter

A flaw was found in the Fine-Grained Admin Permissions FGAP v2 implementation within Keycloak's administrative services. When FGAP v2 is enabled, the system fails to properly filter child groups based on the caller's specific permissions when requested through a parent group. This allows a...

4.3CVSS5.9AI score0.00172EPSS
Exploits0References2
OSV
OSV
added 2024/03/06 11:15 a.m.23 views

BIT-GITLAB-2022-1821

An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.8 before 14.9.5, all versions starting from 14.10 before 14.10.4, all versions starting from 15.0 before 15.0.1. It may be possible for a subgroup member to access the members list of their parent group...

4.3CVSS4.5AI score0.00816EPSS
Exploits1References3
Huntr
Huntr
added 2023/08/11 2:1 p.m.12 views

privilege escalation bug to creation survey-group with others group as parent

BUG ======= privilege escalation bug to creation survey-group with others group as parent\ ACCOUNT ============= 1. user-A -- superadmin\ 2. user-B -- normal user\ user-B has only create permission in survey-group . does not have view permission in survey group\ as user-B does not have view...

7.7AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2022/06/06 5:15 p.m.9 views

CVE-2022-1821

An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.8 before 14.9.5, all versions starting from 14.10 before 14.10.4, all versions starting from 15.0 before 15.0.1. It may be possible for a subgroup member to access the members list of their parent group...

4.3CVSS5.7AI score0.00816EPSS
Exploits1References3Affected Software1
UbuntuCve
UbuntuCve
added 2022/06/06 5:15 p.m.30 views

CVE-2022-1821

An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.8 before 14.9.5, all versions starting from 14.10 before 14.10.4, all versions starting from 15.0 before 15.0.1. It may be possible for a subgroup member to access the members list of their parent group...

4.3CVSS5.7AI score0.00816EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2022/06/06 4:56 p.m.28 views

CVE-2022-1821

Removed by vendor...

4.3CVSS5.8AI score0.00816EPSS
Exploits1
Cvelist
Cvelist
added 2022/06/06 4:56 p.m.34 views

CVE-2022-1821

An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.8 before 14.9.5, all versions starting from 14.10 before 14.10.4, all versions starting from 15.0 before 15.0.1. It may be possible for a subgroup member to access the members list of their parent group...

4.3CVSS4.9AI score0.00816EPSS
Exploits1References2
CVE
CVE
added 2022/06/06 4:56 p.m.132 views

CVE-2022-1821

CVE-2022-1821 affects GitLab CE/EE: vulnerable in versions 10.8–14.9.4, 14.10.0–14.10.3, and 15.0.0. It may allow a subgroup member to access the parent group’s members list. Remediation: upgrade to fixed versions 14.9.5, 14.10.4, or 15.0.1, respectively. No exploitation details or in-the-wild st...

4.3CVSS4.5AI score0.00816EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2022/06/06 4:56 p.m.25 views

CVE-2022-1821

An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.8 before 14.9.5, all versions starting from 14.10 before 14.10.4, all versions starting from 15.0 before 15.0.1. It may be possible for a subgroup member to access the members list of their parent group...

4.3CVSS6.3AI score0.00816EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2022/06/06 12:0 a.m.3 views

PT-2022-14140 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 10.8 through 14.9.4 GitLab CE/EE versions 14.10 through 14.10.3 GitLab CE/EE versions 15.0 through 15.0.0 Description: An issue has been discovered in GitLab CE/EE. It may be possible for a subgroup member to access the...

4.3CVSS4.2AI score0.00816EPSS
Exploits1References7
CNNVD
CNNVD
added 2022/06/02 12:0 a.m.4 views

GitLab Community Edition和GitLab Enterprise Edition 资源管理错误漏洞

GitLab Enterprise Edition EE and GitLab Community Edition CE are both products of GitLab, Inc. GitLab Enterprise Edition is a content management system. GitLab Enterprise Edition is a content management system. A resource management error vulnerability exists in GitLab Community Edition and GitLa...

4.3CVSS5AI score0.00816EPSS
Exploits1References5
OSV
OSV
added 2021/11/05 12:15 a.m.15 views

CVE-2021-39897

Improper access control in GitLab CE/EE version 10.5 and above allowed subgroup members with inherited access to a project from a parent group to still have access even after the subgroup is transferred...

5.3CVSS6.3AI score0.01001EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2021/11/05 12:15 a.m.3 views

CVE-2021-39897

Improper access control in GitLab CE/EE version 10.5 and above allowed subgroup members with inherited access to a project from a parent group to still have access even after the subgroup is transferred...

5.3CVSS6.1AI score0.01001EPSS
Exploits0References1
OSV
OSV
added 2021/11/05 12:15 a.m.3 views

UBUNTU-CVE-2021-39897

Improper access control in GitLab CE/EE version 10.5 and above allowed subgroup members with inherited access to a project from a parent group to still have access even after the subgroup is transferred...

5.3CVSS6.1AI score0.01001EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2021/11/04 12:0 a.m.4 views

PT-2021-22743 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 10.5 and above Description: The issue concerns improper access control, where subgroup members with inherited access to a project from a parent group could still access the project even after the subgroup is transferred...

5.3CVSS5AI score0.01001EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2020/08/13 12:0 a.m.4 views

PT-2020-13423 · Gitlab · Gitlab

Name of the Vulnerable Software and Affected Versions: GitLab versions prior to 13.0.12 GitLab versions prior to 13.1.6 GitLab versions prior to 13.2.3 Description: The issue arises after a group transfer occurs, where members from a parent group retain their access level on the subgroup, resulti...

4.9CVSS3.7AI score0.00683EPSS
Exploits0References11
Rows per page
Query Builder