8 matches found
GitLab < 15.6.7 (SECURITY-RELEASE-GITLAB-15-8-1-RELEASED)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - A lack of length validation in GitLab CE/EE affecting all versions from 12.4 before 15.6.7, 15.7 before 15.7.6, and 15.8 before 15.8.1 allows an authenticated attacker to create a large Issue...
CVE-2023-0884
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-3759. Reason: This candidate is a reservation duplicate of CVE-2022-3759. Notes: All CVE users should reference CVE-2022-3759 instead of this candidate. All references and descriptions in this candidate have been removed to...
CVE-2022-3759
An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.3 before 15.6.7, all versions starting from 15.7 before 15.7.6, all versions starting from 15.8 before 15.8.1. An attacker may upload a crafted CI job artifact zip file in a project that uses dynamic child...
CVE-2022-3759
An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.3 before 15.6.7, all versions starting from 15.7 before 15.7.6, all versions starting from 15.8 before 15.8.1. An attacker may upload a crafted CI job artifact zip file in a project that uses dynamic child...
CVE-2022-3759
CVE-2022-3759 affects GitLab CE/EE and can cause a DoS by uploading a crafted CI job artifact ZIP in projects using dynamic child pipelines, triggering a memory-intensive Sidekiq job. Impacted ranges: GitLab 14.3–14.3.x before 15.6.7; 15.7.x before 15.7.6; 15.8.x before 15.8.1. In vulnerable envi...
GitLab 14.3 < 15.6.7 / 15.7 < 15.7.6 / 15.8 < 15.8.1 (CVE-2022-3759)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.3 before 15.6.7, all versions starting from 15.7 before 15.7.6, all versions starting from 15.8 before 15.8.1. An...
FreeBSD : Gitlab -- Multiple Vulnerabilities (ee890be3-a1ec-11ed-a81d-001b217b3468)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the ee890be3-a1ec-11ed-a81d-001b217b3468 advisory. - A lack of length validation in GitLab CE/EE affecting all versions from 12.4 before 15.6.7,...
CVE-2023-0884
CVE-2023-0884 is a reservation duplicate of CVE-2022-3759 and is not an active vulnerability entry; use CVE-2022-3759 for details. Technical details: GitLab CE/EE versions affected are 14.3–15.6.7, 15.7–15.7.6, and 15.8–15.8.1, where an attacker could achieve Denial of Service by uploading crafte...