86 matches found
CVE-2023-3509
An issue has been discovered in GitLab affecting all versions before 16.7.6, all versions starting from 16.8 before 16.8.3, all versions starting from 16.9 before 16.9.1. It was possible for group members with sub-maintainer role to change the title of privately accessible deploy keys associated...
Information disclosure
An issue has been discovered in GitLab affecting all versions before 16.7.6, all versions starting from 16.8 before 16.8.3, all versions starting from 16.9 before 16.9.1. It was possible for group members with sub-maintainer role to change the title of privately accessible deploy keys associated...
UBUNTU-CVE-2023-3509
An issue has been discovered in GitLab affecting all versions before 16.7.6, all versions starting from 16.8 before 16.8.3, all versions starting from 16.9 before 16.9.1. It was possible for group members with sub-maintainer role to change the title of privately accessible deploy keys associated...
CVE-2023-3509 Incorrect Authorization in GitLab
An issue has been discovered in GitLab affecting all versions before 16.7.6, all versions starting from 16.8 before 16.8.3, all versions starting from 16.9 before 16.9.1. It was possible for group members with sub-maintainer role to change the title of privately accessible deploy keys associated...
CVE-2023-3509
CVE-2023-3509 affects GitLab across versions: before 16.7.6, 16.8 before 16.8.3, and 16.9 before 16.9.1. The issue allows group members with sub-maintainer rights to rename privately accessible deploy keys associated with projects within the group. Mitigations are published by GitLab in fixed rel...
CVE-2023-3509
Removed by vendor...
GitLab 0 < 16.7.6 / 16.8 < 16.8.3 / 16.9 < 16.9.1 (CVE-2023-3509)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab affecting all versions before 16.7.6, all versions starting from 16.8 before 16.8.3, all versions starting from 16.9 before 16.9.1. It was possible for group...
Improper Authorization
gitlab is vulnerable to Improper Authorization. It is possible for a removed project member to write to protected branches by using deploy keys...
UBUNTU-CVE-2023-5198
An issue has been discovered in GitLab affecting all versions prior to 16.2.7, all versions starting from 16.3 before 16.3.5, and all versions starting from 16.4 before 16.4.1. It was possible for a removed project member to write to protected branches using deploy keys...
CVE-2023-5198 Incorrect Authorization in GitLab
An issue has been discovered in GitLab affecting all versions prior to 16.2.7, all versions starting from 16.3 before 16.3.5, and all versions starting from 16.4 before 16.4.1. It was possible for a removed project member to write to protected branches using deploy keys...
CVE-2023-5198 Incorrect Authorization in GitLab
An issue has been discovered in GitLab affecting all versions prior to 16.2.7, all versions starting from 16.3 before 16.3.5, and all versions starting from 16.4 before 16.4.1. It was possible for a removed project member to write to protected branches using deploy keys...
CVE-2023-5198
Summary: CVE-2023-5198 affects GitLab installations older than 16.2.7, and releases 16.3 before 16.3.5 and 16.4 before 16.4.1. The root cause is an issue where a removed project member could write to protected branches via deploy keys. Affected software: GitLab (versions prior to 16.2.7; 16.3.x b...
CVE-2023-5198
Removed by vendor...
PT-2023-31905 · Gitlab · Gitlab
Name of the Vulnerable Software and Affected Versions: GitLab versions prior to 16.2.7 GitLab versions 16.3 through 16.3.5 GitLab versions 16.4 through 16.4.1 Description: An issue has been discovered in GitLab where a removed project member could write to protected branches using deploy keys...
Information Disclosure
gitlab is vulnerable to Information Disclosure. When external authorization is enabled, a group owner may be able to overcome it in order to access git repositories and package registries by utilizing deploy tokens or deploy keys...
PT-2023-8702 · Gitlab · Gitlab
Name of the Vulnerable Software and Affected Versions: GitLab versions prior to 16.7.6 GitLab versions 16.8 through 16.8.2 GitLab versions 16.9 through 16.9.0 Description: An issue has been discovered in GitLab that allows group members with a sub-maintainer role to change the title of privately...
UBUNTU-CVE-2022-3740
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.9 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2. A group owner may be able to bypass External Authorization check, if it is enabled, to access git repositories and package registries by using...
CVE-2022-3740
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.9 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2. A group owner may be able to bypass External Authorization check, if it is enabled, to access git repositories and package registries by using...
PT-2023-1347 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 12.9 through 15.3.4 GitLab CE/EE versions 15.4 through 15.4.3 GitLab CE/EE versions 15.5 through 15.5.1 Description: The issue is related to a flaw in the authorization procedure when managing keys and tokens using...
CVE-2022-3740
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.9 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2. A group owner may be able to bypass External Authorization check, if it is enabled, to access git repositories and package registries by using...