78 matches found
BIT-GITLAB-2026-0602 Authentication Bypass Using an Alternate Path or Channel in GitLab
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.6 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user to disclose metadata from private issues, merge requests, epics, milestones, or commits due to improper filtering...
EUVD-2026-11176
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.6 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user to disclose metadata from private issues, merge requests, epics, milestones, or commits due to improper filtering...
CVE-2026-0602
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.6 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user to disclose metadata from private issues, merge requests, epics, milestones, or commits due to improper filtering...
PT-2026-24711
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.6 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user to disclose metadata from private issues, merge requests, epics, milestones, or commits due to improper filtering...
GitLab Security Vulnerability
GitLab is an end-to-end software development platform provided by the American company GitLab. It features built-in version control, issue tracking, code review, and CI/CD continuous integration and delivery capabilities. There is a security vulnerability in GitLab, which stems from improper...
CVE-2021-22183
An issue has been discovered in GitLab affecting all versions starting with 11.8. GitLab was vulnerable to a stored XSS in the epics page, which could be exploited with user interactions...
CVE-2019-12442
An issue was discovered in GitLab Enterprise Edition 11.7 through 11.11. The epic details page contained a lack of input validation and output encoding issue which resulted in a persistent XSS vulnerability on child epics...
EUVD-2021-26239
Malware in sbrugna...
EUVD-2020-18959
Malware in sbrugna...
EUVD-2020-5547
Malware in sbrugna...
EUVD-2024-48003
Malicious code in bioql PyPI...
EUVD-2023-23359
Malicious code in bioql PyPI...
EUVD-2023-23671
Malicious code in bioql PyPI...
EUVD-2024-31718
Malicious code in bioql PyPI...
EUVD-2021-9329
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2021-22183
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab affecting all versions starting with 11.8. GitLab was vulnerable to a stored XSS in the epics page, which could be...
Linux Distros Unpatched Vulnerability : CVE-2020-26412
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Removed group members were able to use the To-Do functionality to retrieve updated information on confidential epics starting in GitLab EE 13.2 before 13.6.2...
Linux Distros Unpatched Vulnerability : CVE-2021-39883
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper authorization checks in all versions of GitLab EE starting from 13.11 before 14.1.7, all versions starting from 14.2 before 14.2.5, and all versions...
Linux Distros Unpatched Vulnerability : CVE-2023-5117
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in GitLab CE/EE affecting all versions before 17.6.0 in which users were unaware that files uploaded to comments on confidential issues...
Linux Distros Unpatched Vulnerability : CVE-2023-1417
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab affecting all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1. It was possible...