4 matches found
CVE-2026-55469 Snipe-IT: Path traversal vulnerability via CSV import `image` field
Snipe-IT is an IT asset/license management system. Prior to 8.6.2, an authenticated user with import and assets.update permissions can place a path traversal string in an asset image field through CSV import and then trigger image deletion, allowing deletion of arbitrary files accessible to the...
EUVD-2020-5593
Malware in sbrugna...
UBUNTU-CVE-2020-13333
A potential DOS vulnerability was discovered in GitLab versions 13.1, 13.2 and 13.3. The api to update an asset as a link from a release had a regex check which caused exponential number of backtracks for certain user supplied values resulting in high CPU usage...
PT-2020-13474 · Gitlab · Gitlab
Name of the Vulnerable Software and Affected Versions: GitLab versions 13.1 through 13.3 Description: A potential DOS issue was discovered. The API to update an asset as a link from a release had a regex check which caused an exponential number of backtracks for certain user-supplied values,...