7 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-1525
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.1 before 16.7.6, all versions starting from 16.8 before 16.8.3, all version...
CVE-2024-1525
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.1 before 16.7.6, all versions starting from 16.8 before 16.8.3, all versions starting from 16.9 before 16.9.1. Under some specialized conditions, an LDAP user may be able to reset their password using their...
GitLab 16.1 < 16.7.6 / 16.8 < 16.8.3 / 16.9 < 16.9.1 (CVE-2024-1525)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.1 before 16.7.6, all versions starting from 16.8 before 16.8.3, all versions starting from 16.9 before 16.9.1. Unde...
FreeBSD : Gitlab -- Vulnerabilities (03bf5157-d145-11ee-acee-001b217b3468)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 03bf5157-d145-11ee-acee-001b217b3468 advisory. - An issue has been discovered in GitLab affecting all versions before 16.7.6, all versions...
CVE-2024-1525 Authentication Bypass Using an Alternate Path or Channel in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.1 before 16.7.6, all versions starting from 16.8 before 16.8.3, all versions starting from 16.9 before 16.9.1. Under some specialized conditions, an LDAP user may be able to reset their password using their...
CVE-2024-1525
GitLab CE/EE contains CVE-2024-1525: an authentication bypass where, under certain conditions, an LDAP user can reset their password via their verified secondary email and sign in with reset credentials, bypassing LDAP. Affected versions are GitLab 16.1–16.7.6, 16.8 (except 16.8.3 and later), and...
CVE-2024-1525 Authentication Bypass Using an Alternate Path or Channel in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.1 before 16.7.6, all versions starting from 16.8 before 16.8.3, all versions starting from 16.9 before 16.9.1. Under some specialized conditions, an LDAP user may be able to reset their password using their...