17 matches found
EUVD-2021-26299
Malware in sbrugna...
EUVD-2018-7620
Malware in sbrugna...
Dell PowerScale OneFS Authorization Logic Error Vulnerability
PowerScale OneFS is a distributed storage operating system developed by Dell to provide unified file system management and high availability services for enterprise-class storage environments. Dell PowerScale OneFS suffers from an authorization logic error vulnerability that stems from not proper...
BIT-GITLAB-2021-39943
An authorization logic error in the External Status Check API in GitLab EE affecting all versions starting from 14.1 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2, allowed a user to update the status of the check via an API call...
GitLab 14.1.0 < 14.3.6 / 14.4.0 < 14.4.4 / 14.5.0 < 14.5.2 (CVE-2021-39943)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An authorization logic error in the External Status Check API in GitLab EE affecting all versions starting from 14.1 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting...
CVE-2021-39943
An authorization logic error in the External Status Check API in GitLab EE affecting all versions starting from 14.1 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2, allowed a user to update the status of the check via an API call...
CVE-2021-39943
An authorization logic error in the External Status Check API in GitLab EE affecting all versions starting from 14.1 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2, allowed a user to update the status of the check via an API call...
CVE-2021-39943
An authorization logic error in the External Status Check API in GitLab EE affecting all versions starting from 14.1 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2, allowed a user to update the status of the check via an API call...
CVE-2021-39943
An authorization logic error in the External Status Check API in GitLab EE affecting all versions starting from 14.1 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2, allowed a user to update the status of the check via an API call...
CVE-2021-39943
CVE-2021-39943 describes an authorization logic error in GitLab EE's External Status Check API, allowing a user to update the status of a check via an API call. The issue affects GitLab EE versions: 14.1 up to but not including 14.3.6; 14.4.x up to but not including 14.4.4; and 14.5.x up to but n...
CVE-2021-39943
Removed by vendor...
FreeBSD : Gitlab -- multiple vulnerabilities (3507bfb3-85d5-11ec-8c9c-001b217b3468)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 3507bfb3-85d5-11ec-8c9c-001b217b3468 advisory. - An authorization logic error in the External Status Check API in GitLab EE affecting all...
CVE-2018-15754
Cloud Foundry UAA, versions 60 prior to 66.0, contain an authorization logic error. In environments with multiple identity providers that contain accounts across identity providers with the same username, a remote authenticated user with access to one of these accounts may be able to obtain a tok...
CVE-2018-15754
Cloud Foundry UAA, versions 60 prior to 66.0, contain an authorization logic error. In environments with multiple identity providers that contain accounts across identity providers with the same username, a remote authenticated user with access to one of these accounts may be able to obtain a tok...
CVE-2018-15754 UAA can issue tokens across identity providers if users with matching usernames exist
Cloud Foundry UAA, versions 60 prior to 66.0, contain an authorization logic error. In environments with multiple identity providers that contain accounts across identity providers with the same username, a remote authenticated user with access to one of these accounts may be able to obtain a tok...
CVE-2018-15754
Cloud Foundry UAA (versions 60.x prior to 66.0) contains an authorization logic error that can allow a remote authenticated user to obtain a token for another account with the same username across different identity providers. This vulnerability is triggered in environments with multiple identity...
CVE-2018-15754: UAA issues tokens across identity providers if users with matching usernames exist | Cloud Foundry
Severity: Medium. Vendor: Cloud Foundry Foundation. Affected Cloud Foundry Products and Versions: UAA, all versions in v60.x, v61.x, v62.x, v63.x, v64.x. Description: Cloud Foundry UAA, all versions in v60.x, v61.x, v62.x, v63.x, and v64.x contain an authorization logic error. In environments with multip...