3 matches found
GitLab 12.10 < 14.8.6 / 14.9 < 14.9.4 / 14.10 < 14.10.1 (CVE-2022-1431)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab affecting all versions starting from 12.10 before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1. GitLab...
Three new API exploits causes GitLab data privacy and availability issues
On May 10, 2022, and May 11, 2022, CVE-2022-1352 CVE-2021-1431, and CVE-2022-1545 were fixed and published on Gitlab-ORG public repository. There are no technical details or exploits yet, but according to the high-level description and titles, they gonna be critical Gitlab API vulnerabilities tha...
CVE-2022-1431
CVE-2022-1431 affects GitLab versions 12.10.x prior to 14.8.6, 14.9.x prior to 14.9.4, and 14.10.x prior to 14.10.1. The root cause is improper handling of malicious requests to the PyPi API endpoint, allowing uncontrolled resource consumption and potential denial of service. Affected component i...