23 matches found
CVE-2019-18456
An issue was discovered in GitLab Community and Enterprise Edition 8.17 through 12.4 in the Search feature provided by Elasticsearch integration.. It has Insecure Permissions issue 1 of 4...
EUVD-2019-9240
Malware in sbrugna...
EUVD-2019-8210
Malware in sbrugna...
EUVD-2019-6557
Malware in sbrugna...
EUVD-2019-8206
Malware in sbrugna...
EUVD-2024-3366
Malicious code in bioql PyPI...
CVE-2019-15590
An access control issue exists in 12.3.5, 12.2.8, and 12.1.14 for GitLab Community Edition CE and Enterprise Edition EE where private merge requests and issues would be disclosed with the Group Search feature provided by Elasticsearch integration...
CVE-2019-19629
In GitLab EE 10.5 through 12.5.3, 12.4.5, and 12.3.8, when transferring a public project to a private group, private code would be disclosed via the Group Search API provided by the Elasticsearch integration...
CVE-2019-18460
An issue was discovered in GitLab Community and Enterprise Edition 8.15 through 12.4 in the Comments Search feature provided by the Elasticsearch integration. It has Incorrect Access Control...
SUSE CVE-2019-18456
An issue was discovered in GitLab Community and Enterprise Edition 8.17 through 12.4 in the Search feature provided by Elasticsearch integration.. It has Insecure Permissions issue 1 of 4...
CVE-2019-15590
An access control issue exists in 12.3.5, 12.2.8, and 12.1.14 for GitLab Community Edition CE and Enterprise Edition EE where private merge requests and issues would be disclosed with the Group Search feature provided by Elasticsearch integration...
CVE-2019-15590
An access control issue exists in 12.3.5, 12.2.8, and 12.1.14 for GitLab Community Edition CE and Enterprise Edition EE where private merge requests and issues would be disclosed with the Group Search feature provided by Elasticsearch integration...
CVE-2019-15590
CVE-2019-15590 affects GitLab Community Edition (CE) and Enterprise Edition (EE) where private merge requests and issues could be disclosed through the Group Search feature enabled by Elasticsearch integration. Affected versions are < 12.3.5, < 12.2.8, and
CVE-2019-19629
In GitLab EE 10.5 through 12.5.3, 12.4.5, and 12.3.8, when transferring a public project to a private group, private code would be disclosed via the Group Search API provided by the Elasticsearch integration...
CVE-2019-19629
In GitLab EE 10.5 through 12.5.3, 12.4.5, and 12.3.8, when transferring a public project to a private group, private code would be disclosed via the Group Search API provided by the Elasticsearch integration...
Code injection
In GitLab EE 10.5 through 12.5.3, 12.4.5, and 12.3.8, when transferring a public project to a private group, private code would be disclosed via the Group Search API provided by the Elasticsearch integration...
CVE-2019-19629
CVE-2019-19629 affects GitLab Enterprise Edition (EE) versions 10.5 through 12.5.3, 12.4.5, and 12.3.8. The issue arises during transfer of a public project to a private group, where private code could be disclosed through the Group Search API provided by the Elasticsearch integration. Multiple s...
CVE-2019-19629
Removed by vendor...
Gitlab -- Multiple Vulnerabilities
Gitlab reports: Path traversal with potential remote code execution Disclosure of private code via Elasticsearch integration Update Git dependency...
FreeBSD : Gitlab -- Multiple Vulnerabilities (1aa7a094-1147-11ea-b537-001b217b3468)
Gitlab reports : Path traversal with potential remote code execution Private objects exposed through project import Disclosure of notes via Elasticsearch integration Disclosure of comments via Elasticsearch integration DNS Rebind SSRF in various chat notifications Disclosure of vulnerability stat...