41 matches found
CVE-2022-23716
A flaw was discovered in ECE before 3.1.1 that could lead to the disclosure of the SAML signing private key used for the RBAC features, in deployment logs in the Logging and Monitoring cluster...
CVE-2025-1299
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 18.0.5, all versions starting from 18.1 before 18.1.3, all versions starting from 18.2 before 18.2.1 that, under circumstances, could have allowed an unauthorized user to read deployment job logs by...
EUVD-2018-3358
Malware in sbrugna...
EUVD-2025-22488
Malicious code in bioql PyPI...
EUVD-2022-28651
Malicious code in bioql PyPI...
EUVD-2022-6414
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2025-1299
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 18.0.5, all versions starting from 18.1 before 18.1.3, all version...
BIT-GITLAB-2025-1299 Missing Authorization in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 18.0.5, all versions starting from 18.1 before 18.1.3, all versions starting from 18.2 before 18.2.1 that, under circumstances, could have allowed an unauthorized user to read deployment job logs by...
UBUNTU-CVE-2025-1299
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 18.0.5, all versions starting from 18.1 before 18.1.3, all versions starting from 18.2 before 18.2.1 that, under circumstances, could have allowed an unauthorized user to read deployment job logs by...
CVE-2025-1299
CVE-2025-1299 affects GitLab CE/EE, with all versions from 15.4 up to before 18.0.5, all 18.1.x before 18.1.3, and all 18.2.x before 18.2.1 vulnerable to an unauthorized user reading deployment job logs by sending a crafted request. The connected sources (Red Hat, Debian, NVD, OSV, Ubuntu CVE tra...
GitLab Enterprise Edition (EE) and GitLab Community Edition (CE) security vulnerability
GitLab Enterprise Edition (EE) and GitLab Community Edition (CE) are both products of GitLab, Inc. GitLab Enterprise Edition is a content management system. A security vulnerability exists in GitLab CE and EE versions prior to 15.4 to 18.0.5,...
PT-2025-30637 · Gitlab · Gitlab Ce/Ee
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 15.4 through 18.0.4; GitLab CE/EE versions 18.1 through 18.1.2; GitLab CE/EE versions 18.2 through 18.2.0. Description: An issue exists that may allow an unauthorized user to read deployment job logs by sending a crafted...
CVE-2022-36891
A missing permission check in Jenkins Deployer Framework Plugin 85.v1d1888e8c021 and earlier allows attackers with Item/Read permission but without Deploy Now/Deploy permission to read deployment logs...
CVE-2022-23715
A flaw was discovered in ECE before 3.4.0 that might lead to the disclosure of sensitive information such as user passwords and Elasticsearch keystore settings values in logs such as the audit log or deployment logs in the Logging and Monitoring cluster. The affected APIs are PATCH /api/v1/user a...
CVE-2018-11320
In Octopus Deploy 2018.4.4 through 2018.5.1, Octopus variables that are sourced from the target do not have sensitive values obfuscated in the deployment logs...
CVE-2022-23716
A flaw was discovered in ECE before 3.1.1 that could lead to the disclosure of the SAML signing private key used for the RBAC features, in deployment logs in the Logging and Monitoring cluster...
Design/Logic Flaw
A flaw was discovered in ECE before 3.1.1 that could lead to the disclosure of the SAML signing private key used for the RBAC features, in deployment logs in the Logging and Monitoring cluster...
CVE-2022-23716
The CVE-2022-23716 entry pertains to Elastic Cloud Enterprise (ECE) before 3.1.1, where the SAML signing private key used for RBAC could be disclosed via deployment logs in the Logging and Monitoring cluster. Connected sources confirm affected product/version and the root cause (private key expos...