Lucene search
K

89 matches found

OSV
OSV
added 2023/04/05 8:15 p.m.3 views

UBUNTU-CVE-2023-0319

An issue has been discovered in GitLab affecting all versions starting from 13.6 before 15.8.5, all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1, allowing to read environment names supposed to be restricted to project memebers only...

5.8CVSS5.7AI score0.00744EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/04/05 12:0 a.m.4 views

PT-2023-16173 · Gitlab · Gitlab

Name of the Vulnerable Software and Affected Versions: GitLab versions 13.6 through 15.8.4 GitLab versions 15.9 through 15.9.3 GitLab versions 15.10 through 15.10.0 Description: An issue has been discovered in GitLab, allowing unauthorized access to read environment names that are supposed to be...

5.8CVSS6.5AI score0.00744EPSS
Exploits0References14
Vulnrichment
Vulnrichment
added 2023/04/05 12:0 a.m.8 views

CVE-2023-0319

An issue has been discovered in GitLab affecting all versions starting from 13.6 before 15.8.5, all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1, allowing to read environment names supposed to be restricted to project memebers only...

5.8CVSS5AI score0.00744EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/04/04 12:0 a.m.34 views

GitLab 13.6 < 15.8.5 / 15.9 < 15.9.4 / 15.10 < 15.10.1 (CVE-2023-0319)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab affecting all versions starting from 13.6 before 15.8.5, all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1, allowing...

5.8CVSS5.7AI score0.00744EPSS
Exploits0References4
Prion
Prion
added 2023/03/09 9:15 p.m.18 views

Design/Logic Flaw

An issue has been discovered in GitLab affecting all versions starting from 15.5 before 15.7.8, all versions starting from 15.8 before 15.8.4, all versions starting from 15.9 before 15.9.2. Non-project members could retrieve release descriptions via the API, even if the release visibility is...

5CVSS5.2AI score0.00786EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2023/03/09 12:0 a.m.3 views

PT-2023-16095 · Gitlab · Gitlab

Name of the Vulnerable Software and Affected Versions: GitLab versions 15.5 through 15.7.7 GitLab versions 15.8 through 15.8.3 GitLab versions 15.9 through 15.9.1 Description: An issue has been discovered in GitLab where non-project members could retrieve release descriptions via the API, even if...

5.3CVSS4.8AI score0.00786EPSS
Exploits0References12
Debian CVE
Debian CVE
added 2023/03/09 12:0 a.m.20 views

CVE-2023-0223

Removed by vendor...

5.3CVSS6AI score0.00786EPSS
Exploits0
Prion
Prion
added 2023/01/26 9:15 p.m.20 views

Improper access control

An improper access control issue in GitLab CE/EE affecting all versions from 11.3 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allowed an unauthorized user to see release names even when releases we set to be restricted to project members only...

5CVSS5.1AI score0.01034EPSS
Exploits1References3Affected Software1
Github Security Blog
Github Security Blog
added 2023/01/25 7:35 p.m.39 views

Privilege escalation in project role template binding (PRTB) and -promoted roles

Impact An issue was discovered in Rancher versions from 2.5.0 up to and including 2.5.16 and from 2.6.0 up to and including 2.6.9, where an authorization logic flaw allows privilege escalation via project role template binding PRTB and -promoted roles. This issue is not present in Rancher 2.7...

8.8CVSS8.1AI score0.00677EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2023/01/24 12:0 a.m.19 views

CVE-2022-3482

An improper access control issue in GitLab CE/EE affecting all versions from 11.3 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allowed an unauthorized user to see release names even when releases we set to be restricted to project members only...

5.3CVSS5.1AI score0.01034EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2023/01/24 12:0 a.m.3 views

PT-2023-13420 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 11.3 through 15.3.4 GitLab CE/EE versions 15.4 through 15.4.3 GitLab CE/EE versions 15.5 through 15.5.1 Description: An issue with access control in GitLab CE/EE allowed unauthorized users to view release names, even whe...

5.3CVSS4.8AI score0.01034EPSS
Exploits1References10
Vulnrichment
Vulnrichment
added 2023/01/24 12:0 a.m.9 views

CVE-2022-3482

An improper access control issue in GitLab CE/EE affecting all versions from 11.3 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allowed an unauthorized user to see release names even when releases we set to be restricted to project members only...

5.3CVSS6.7AI score0.01034EPSS
Exploits1References3
Debian CVE
Debian CVE
added 2023/01/24 12:0 a.m.39 views

CVE-2022-3482

Removed by vendor...

5.3CVSS6AI score0.01034EPSS
Exploits1
OSV
OSV
added 2022/08/05 4:15 p.m.4 views

UBUNTU-CVE-2022-2539

An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.6 prior to 15.0.5, 15.1 prior to 15.1.4, and 15.2 prior to 15.2.1, allowed a project member to filter issues by contact and organization...

5.3CVSS5.7AI score0.00635EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2022/07/01 4:15 p.m.38 views

CVE-2022-2244

An improper authorization vulnerability in GitLab EE/CE affecting all versions from 14.8 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1, allows project memebers with reporter role to manage issues in project's error tracking feature...

4.3CVSS5.9AI score0.00786EPSS
Exploits0References4
Prion
Prion
added 2022/07/01 4:15 p.m.17 views

Authorization

An improper authorization vulnerability in GitLab EE/CE affecting all versions from 14.8 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1, allows project memebers with reporter role to manage issues in project's error tracking feature...

4CVSS4.6AI score0.00786EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/06/06 5:15 p.m.7 views

CVE-2022-1783

An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.3 before 14.9.5, all versions starting from 14.10 before 14.10.4, all versions starting from 15.0 before 15.0.1. It may be possible for malicious group maintainers to add new members to a project within their...

4CVSS6.4AI score0.00947EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2022/06/02 12:0 a.m.3 views

GitLab Enterprise Edition和GitLab Community Edition 安全漏洞

GitLab Enterprise Edition EE and GitLab Community Edition CE are both products of GitLab, Inc. GitLab Enterprise Edition is a content management system. GitLab Enterprise Edition is a content management system. A security vulnerability exists in GitLab Community Edition and GitLab Enterprise...

4CVSS6.4AI score0.00947EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2022/05/18 12:0 a.m.24 views

GitLab 8.12 < 14.8.6 / 14.9 < 14.9.4 / 14.10 < 14.10.1 (CVE-2022-1417)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Improper access control in GitLab CE/EE affecting all versions starting from 8.12 before 14.8.6, all versions starting from 14.9 before 14.9.4, and all versions starting from 14.10 before 14.10.1 allo...

4.3CVSS5.2AI score0.00945EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2022/05/18 12:0 a.m.6 views

PT-2022-3037 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 14.3 through 14.9.4 GitLab CE/EE versions 14.10 through 14.10.3 GitLab CE/EE versions 15.0 through 15.0.0 Description: An issue has been discovered in GitLab CE/EE, related to inadequate access control. It may be possibl...

4CVSS3.7AI score0.00947EPSS
Exploits0References13
Rows per page
Query Builder