15 matches found
Linux Distros Unpatched Vulnerability : CVE-2022-2303
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15....
CVE-2023-52203
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Oliver Seidel, Bastian Germann cformsII allows Stored XSS.This issue affects cformsII: from n/a through 15.0.5...
PT-2024-14469 · Cformsii · Cformsii
Name of the Vulnerable Software and Affected Versions: cformsII versions through 15.0.5 Description: The issue affects cformsII, allowing Stored XSS due to improper neutralization of input during web page generation. This is a Cross-site Scripting vulnerability. Recommendations: For versions...
CVE-2023-30540 Chat poll data can still be queried from API after purging history in Nextcloud talk
Nextcloud Talk is a chat, video & audio call extension for Nextcloud. In affected versions a user that was added later to a conversation can use this information to get access to data that was deleted before they were added to the conversation. This issue has been patched in version 15.0.5 and it...
CVE-2022-2499
GitLab EE Jira integration contains an insecure direct object reference vulnerability that may allow an attacker to leak Jira issues. Affected GitLab EE versions: 13.10–15.0.4, 15.1–15.1.3, and 15.2–15.2.0. Root cause is an insecure direct object reference in the Jira integration. Remediation by ...
PT-2022-16742 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab EE versions prior to 15.0.5 GitLab EE versions 15.1 through 15.1.4 GitLab EE versions 15.2 through 15.2.1 Description: An issue has been discovered in GitLab EE where email invited members may be able to join a project even after the...
PT-2022-17026 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab EE versions prior to 15.0.5 GitLab EE versions 15.1 prior to 15.1.4 GitLab EE versions 15.2 prior to 15.2.1 Description: The issue is related to pipeline subscriptions in GitLab EE, where new pipelines are triggered with the person who...
PT-2022-17043 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab EE versions prior to 15.0.5 GitLab EE versions 15.1 prior to 15.1.4 GitLab EE versions 15.2 prior to 15.2.1 Description: The issue is related to improper access control, allowing an attacker to bypass IP allow-listing and download...
PT-2022-17039 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions prior to 15.0.5 GitLab CE/EE versions 15.1 prior to 15.1.4 GitLab CE/EE versions 15.2 prior to 15.2.1 Description: A cross-site scripting issue has been discovered, allowing attackers to perform arbitrary actions on beha...
PT-2022-17035 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab EE versions 13.10 through 15.0.4 GitLab EE versions 15.1 through 15.1.3 GitLab EE versions 15.2 through 15.2.0 Description: An issue has been discovered in GitLab EE's Jira integration, which has an insecure direct object reference...
PT-2022-16520 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions prior to 15.0.5 GitLab CE/EE versions 15.1 prior to 15.1.4 GitLab CE/EE versions 15.2 prior to 15.2.1 Description: The issue is related to insufficient validation in GitLab, allowing an authenticated and authorized user ...
GitLab 12.5 < 15.0.5 / 15.1 < 15.1.4 / 15.2 < 15.2.1 (CVE-2022-2531)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab EE affecting all versions starting from 12.5 before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1. GitLab...
GitLab 0.0 < 15.0.5 / 15.1 < 15.1.4 / 15.2 < 15.2.1 (CVE-2022-2500)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - A cross-site scripting issue has been discovered in GitLab CE/EE affecting all versions before 15.0.5, 15.1 prior to 15.1.4, and 15.2 prior to 15.2.1. A stored XSS flaw in job error messages allows...
GitLab CE/EE 安全漏洞
GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery and other features. A security vulnerability exists in all versions of GitLab CE/EE prior to versio...
GitLab CE/EE 安全漏洞
GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery and other features. A security vulnerability in GitLab CE/EE all versions prior to 15.0.5, all...