22 matches found
GitLab Security Vulnerability
GitLab is an end-to-end software development platform provided by the American company GitLab. It includes built-in features such as version control, issue tracking, code review, and CI/CD (continuous integration and delivery). Vulnerabilities exist in versions of GitLab CE/EE before 18.10.7,...
EUVD-2021-26223
Malware in sbrugna...
EUVD-2021-26271
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2021-39915
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper access control in the GraphQL API in GitLab CE/EE affecting all versions starting from 13.0 before 14.3.6, all versions starting from 14.4 before 14.4....
Linux Distros Unpatched Vulnerability : CVE-2021-39866
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A business logic error in the project deletion process in GitLab 13.6 and later allows persistent access via project access tokens. CVE-2021-39866 Note that...
CVE-2021-39866
A business logic error in the project deletion process in GitLab 13.6 and later allows persistent access via project access tokens...
CVE-2021-39915
Improper access control in the GraphQL API in GitLab CE/EE affecting all versions starting from 13.0 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2, allows an attacker to see the names of project access tokens on arbitrary projects...
BIT-GITLAB-2021-39915
Improper access control in the GraphQL API in GitLab CE/EE affecting all versions starting from 13.0 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2, allows an attacker to see the names of project access tokens on arbitrary projects...
GitLab 13.6 < 14.1.7 / 14.2 < 14.2.5 / 14.3 < 14.3.1 (CVE-2021-39866)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - A business logic error in the project deletion process in GitLab 13.6 and later allows persistent access via project access tokens. CVE-2021-39866 Note that Nessus has not tested for this issue but ha...
CVE-2021-39915
Improper access control in the GraphQL API in GitLab CE/EE affecting all versions starting from 13.0 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2, allows an attacker to see the names of project access tokens on arbitrary projects...
CVE-2021-39915
Improper access control in the GraphQL API in GitLab CE/EE affecting all versions starting from 13.0 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2, allows an attacker to see the names of project access tokens on arbitrary projects...
UBUNTU-CVE-2021-39915
Improper access control in the GraphQL API in GitLab CE/EE affecting all versions starting from 13.0 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2, allows an attacker to see the names of project access tokens on arbitrary projects...
PT-2021-22761 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 13.0 through 14.3.6 GitLab CE/EE versions 14.4 through 14.4.4 GitLab CE/EE versions 14.5 through 14.5.2 Description: The issue is related to improper access control in the GraphQL API, allowing an attacker to see the nam...
CVE-2021-39866
A business logic error in the project deletion process in GitLab 13.6 and later allows persistent access via project access tokens...
Design/Logic Flaw
A business logic error in the project deletion process in GitLab 13.6 and later allows persistent access via project access tokens...
CVE-2021-39866
A business logic error in the project deletion process in GitLab 13.6 and later allows persistent access via project access tokens...
UBUNTU-CVE-2021-39866
A business logic error in the project deletion process in GitLab 13.6 and later allows persistent access via project access tokens...
CVE-2021-39866
A business logic error in the project deletion process in GitLab 13.6 and later allows persistent access via project access tokens...
CVE-2021-39866
Removed by vendor...
PT-2021-22713 · Gitlab · Gitlab
Name of the Vulnerable Software and Affected Versions: GitLab versions 13.6 and later Description: A business logic error in the project deletion process allows persistent access via project access tokens. Recommendations: For GitLab versions 13.6 and later, update to a version that includes a fi...