CVE-2026-11379

GitLab has remediated an issue in GitLab EE affecting all versions from 13.11 prior to 18.11.6, 19.0 prior to 19.0.3, and 19.1 prior to 19.1.1 in which incorrect authorization in DAST site profile management could allow a user with Developer role to exfiltrate DAST site profile secrets under...

EUVD-2022-43119

Malicious code in bioql PyPI...

EUVD-2023-12387

Malicious code in bioql PyPI...

EUVD-2023-23657

Malicious code in bioql PyPI...

EUVD-2023-58186

Malicious code in bioql PyPI...

EUVD-2022-51671

Malicious code in bioql PyPI...

EUVD-2022-51566

Malicious code in bioql PyPI...

EUVD-2024-27688

Malicious code in bioql PyPI...

EUVD-2022-51669

Malicious code in bioql PyPI...

Malicious code in tju-dast-lixiaohong (npm)

The package tju-dast-lixiaohong was found to contain malicious code...

MAL-2025-46339 Malicious code in tju-dast-lixiaohong (npm)

The package tju-dast-lixiaohong was found to contain malicious code...

Malicious code in sjtu-seyilingliu-dast (npm)

The package sjtu-seyilingliu-dast was found to contain malicious code...

MAL-2025-33358 Malicious code in sjtu-seyilingliu-dast (npm)

The package sjtu-seyilingliu-dast was found to contain malicious code...

CVE-2024-2743

An issue was discovered in GitLab-EE starting with version 13.3 before 17.1.7, 17.2 before 17.2.5, and 17.3 before 17.3.2 that would allow an attacker to modify an on-demand DAST scan without permissions and leak variables...

CVE-2023-5913

Incorrect Privilege Assignment vulnerability in opentext Fortify ScanCentral DAST. The vulnerability could be exploited to gain elevated privileges.This issue affects Fortify ScanCentral DAST versions 21.1, 21.2, 21.2.1, 22.1, 22.1.1, 22.2, 23.1...

CVE-2023-1401

An issue has been discovered in GitLab DAST scanner affecting all versions starting from 3.0.29 before 4.0.5, in which the DAST scanner leak cross site cookies on redirect during authorization...

CVE-2023-0326

An issue has been discovered in GitLab DAST API scanner affecting all versions starting from 1.6.50 before 2.11.0, where Authorization headers was leaked in vulnerability report evidence...

CVE-2022-4315

An issue has been discovered in GitLab DAST analyzer affecting all versions starting from 2.0 before 3.0.55, which sends custom request headers with every request on the authentication page...

CVE-2022-4206

A sensitive information leak issue has been discovered in all versions of DAST API scanner from 1.6.50 prior to 2.0.102, exposing the Authorization header in the vulnerability report...

CVE-2022-4317

An issue has been discovered in GitLab DAST analyzer affecting all versions starting from 1.47 before 3.0.51, which sends custom request headers in redirects...