8 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-6389
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in GitLab-CE/EE affecting all versions starting with 17.0 before 17.1.7, 17.2 before 17.2.5, and 17.3 before 17.3.2. An attacker as a...
CVE-2024-6389
An issue was discovered in GitLab-CE/EE affecting all versions starting with 17.0 before 17.1.7, 17.2 before 17.2.5, and 17.3 before 17.3.2. An attacker as a guest user was able to access commit information via the release Atom endpoint, contrary to permissions...
UBUNTU-CVE-2024-6389
An issue was discovered in GitLab-CE/EE affecting all versions starting with 17.0 before 17.1.7, 17.2 before 17.2.5, and 17.3 before 17.3.2. An attacker as a guest user was able to access commit information via the release Atom endpoint, contrary to permissions...
CVE-2024-6389
Removed by vendor...
CVE-2024-6389 Exposure of Sensitive System Information to an Unauthorized Control Sphere in GitLab
An issue was discovered in GitLab-CE/EE affecting all versions starting with 17.0 before 17.1.7, 17.2 before 17.2.5, and 17.3 before 17.3.2. An attacker as a guest user was able to access commit information via the release Atom endpoint, contrary to permissions...
PT-2024-37586 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab-CE/EE versions 17.0 through 17.1.7 GitLab-CE/EE versions 17.2 through 17.2.5 GitLab-CE/EE versions 17.3 through 17.3.2 Description: An issue was discovered in GitLab-CE/EE where an attacker, as a guest user, was able to access commit...
GSD-2022-1002579 net/mlx5: E-Switch, pair only capable devices
net/mlx5: E-Switch, pair only capable devices This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.18.4 by commit...
GSD-2022-1000555 libsubcmd: Fix use-after-free for realloc(..., 0)
libsubcmd: Fix use-after-free for realloc..., 0 This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.16.11 by commit...