CVE-2026-6517

Mattermost Desktop App versions =6.1 5.5.13.0 fail to restrict the allow list of domains to which NTLM credentials were forwarded to in the Mattermost Desktop App which allows any user on a server without the image proxy enabled to intercept other users credentials via embedding an image that...

CVE-2026-6517 Mattermost Desktop App fails to restrict the allow list of domains which NTLM credentials are passed

Mattermost Desktop App versions =6.1 5.5.13.0 fail to restrict the allow list of domains to which NTLM credentials were forwarded to in the Mattermost Desktop App which allows any user on a server without the image proxy enabled to intercept other users credentials via embedding an image that...

CVE-2026-6517 Mattermost Desktop App fails to restrict the allow list of domains which NTLM credentials are passed

Mattermost Desktop App versions =6.1 5.5.13.0 fail to restrict the allow list of domains to which NTLM credentials were forwarded to in the Mattermost Desktop App which allows any user on a server without the image proxy enabled to intercept other users credentials via embedding an image that...

Linux Distros Unpatched Vulnerability : CVE-2022-1981

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab EE affecting all versions starting from 12.2 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1. In GitLab,...

BIT-GITLAB-2022-1981

An issue has been discovered in GitLab EE affecting all versions starting from 12.2 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1. In GitLab, if a group enables the setting to restrict access to users belonging to specific domains, that allow-list may be bypassed if a Maintaine...

FreeBSD : Gitlab -- multiple vulnerabilities (d1b35142-ff4a-11ec-8be3-001b217b3468)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the d1b35142-ff4a-11ec-8be3-001b217b3468 advisory. - A Regular Expression Denial of Service vulnerability in GitLab CE/EE affecting all versions...

CVE-2022-1981

An issue has been discovered in GitLab EE affecting all versions starting from 12.2 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1. In GitLab, if a group enables the setting to restrict access to users belonging to specific domains, that allow-list may be bypassed if a Maintaine...

CVE-2022-1981

An issue has been discovered in GitLab EE affecting all versions starting from 12.2 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1. In GitLab, if a group enables the setting to restrict access to users belonging to specific domains, that allow-list may be bypassed if a Maintaine...

Information disclosure

An issue has been discovered in GitLab EE affecting all versions starting from 12.2 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1. In GitLab, if a group enables the setting to restrict access to users belonging to specific domains, that allow-list may be bypassed if a Maintaine...

UBUNTU-CVE-2022-1981

An issue has been discovered in GitLab EE affecting all versions starting from 12.2 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1. In GitLab, if a group enables the setting to restrict access to users belonging to specific domains, that allow-list may be bypassed if a Maintaine...

CVE-2022-1981

Removed by vendor...

PT-2022-14233 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab EE versions 12.2 through 14.10.5 GitLab EE versions 15.0 through 15.0.4 GitLab EE versions 15.1 through 15.1.1 Description: An issue has been discovered in GitLab EE where the domain allow-list can be bypassed. This occurs when a group...