27 matches found
CVE-2023-4378
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.8 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1. A malicious Maintainer can, under specific circumstances, leak the sentry token by changing the...
EUVD-2023-54242
Malicious code in bioql PyPI...
EUVD-2022-51715
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-4365
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.8 before 15.5.7, all versions starting from 15.6 before 15.6.4, all version...
Linux Distros Unpatched Vulnerability : CVE-2023-4378
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.8 before 16.1.5, all versions starting from 16.2 before 16.2.5, all version...
CVE-2022-4365
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.8 before 15.5.7, all versions starting from 15.6 before 15.6.4, all versions starting from 15.7 before 15.7.2. A malicious Maintainer can leak the sentry token by changing the configured URL in the Sentry error...
GitLab 11.8 < 16.1.5 / 16.2 < 16.2.5 / 16.3 < 16.3.1 (CVE-2023-4378)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.8 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1. A...
GitLab 11.8 < 15.5.7 / 15.6 < 15.6.4 / 15.7 < 15.7.2 (CVE-2022-4365)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.8 before 15.5.7, all versions starting from 15.6 before 15.6.4, all versions starting from 15.7 before 15.7.2. A...
CVE-2023-4378
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.8 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1. A malicious Maintainer can, under specific circumstances, leak the sentry token by changing the...
Design/Logic Flaw
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.8 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1. A malicious Maintainer can, under specific circumstances, leak the sentry token by changing the...
UBUNTU-CVE-2023-4378
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.8 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1. A malicious Maintainer can, under specific circumstances, leak the sentry token by changing the...
CVE-2023-4378
GitLab CVE-2023-4378 affects GitLab CE/EE versions: 11.8–16.1.4, 16.2.0–16.2.4, and 16.3.0–16.3.0 (i.e., before 16.1.5, 16.2.5, and 16.3.1 respectively). The issue enables a Maintainer to leak the Sentry token by altering the Sentry error-tracking URL, stemming from an incomplete fix for CVE-2022...
CVE-2023-4378
Removed by vendor...
CVE-2023-4378 Insertion of Sensitive Information Into Sent Data in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.8 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1. A malicious Maintainer can, under specific circumstances, leak the sentry token by changing the...
PT-2023-28979 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 11.8 through 16.1.4 GitLab CE/EE versions 16.2 through 16.2.4 GitLab CE/EE versions 16.3 through 16.3.0 Description: An issue has been discovered that allows a malicious Maintainer to leak the sentry token under specific...
GitLab Security Breach
GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD continuous integration and continuous delivery, and other features. GitLab suffers from a security vulnerability that stems from the fact that und...
GitLab: Maintainer can leak sentry token by changing the configured URL (fix bypass)
A malicious Maintainer could have leaked the sentry token by changing the configured URL in the Sentry error tracking settings page. This was as a result of an incomplete fix for CVE-2022-4365...
Information Disclosure
gitlab is vulnerable to Information Disclosure. A malicious authenticated maintainer is able to leak the sentry token by changing the configured URL in the sentry error tracking settings page...
CVE-2022-4365
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.8 before 15.5.7, all versions starting from 15.6 before 15.6.4, all versions starting from 15.7 before 15.7.2. A malicious Maintainer can leak the sentry token by changing the configured URL in the Sentry error...
CVE-2022-4365
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.8 before 15.5.7, all versions starting from 15.6 before 15.6.4, all versions starting from 15.7 before 15.7.2. A malicious Maintainer can leak the sentry token by changing the configured URL in the Sentry error...