8 matches found
Linux Distros Unpatched Vulnerability : CVE-2022-3706
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper authorization in GitLab CE/EE affecting all versions from 7.14 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows a user retrying a...
CVE-2022-3706
Improper authorization in GitLab CE/EE affecting all versions from 7.14 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows a user retrying a job in a downstream pipeline to take ownership of the retried jobs in the upstream pipeline even if the user doesn't have access to that...
CVE-2022-3706
Improper authorization in GitLab CE/EE affecting all versions from 7.14 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows a user retrying a job in a downstream pipeline to take ownership of the retried jobs in the upstream pipeline even if the user doesn't have access to that...
CVE-2022-3706
Improper authorization in GitLab CE/EE affecting all versions from 7.14 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows a user retrying a job in a downstream pipeline to take ownership of the retried jobs in the upstream pipeline even if the user doesn't have access to that...
CVE-2022-3706
Removed by vendor...
CVE-2022-3706
CVE-2022-3706 affects GitLab CE/EE: improper authorization lets a user retrying a downstream job take ownership of retried upstream jobs without access to the project. Affected versions: 7.14 up to but not including 15.3.5; 15.4 up to but not including 15.4.4; 15.5 up to but not including 15.5.2....
GitLab 7.14 < 15.3.5 / 15.4 < 15.4.4 / 15.5 < 15.5.2 (CVE-2022-3706)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Improper authorization in GitLab CE/EE affecting all versions from 7.14 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows a user retrying a job in a downstream pipeline to take...
FreeBSD : Gitlab -- Multiple vulnerabilities (16f7ec68-5cce-11ed-9be7-454b1dd82c64)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 16f7ec68-5cce-11ed-9be7-454b1dd82c64 advisory. - Gitlab reports: DAST analyzer sends custom request headers with every request Stored-XSS wit...