2 matches found
CVE-2026-10078 Quay/config-tool: quay/config-tool: gitlab oauth client_secret exposed in url querystring
A flaw was found in the Quay config-tool's GitLab OAuth validator. This vulnerability causes sensitive credentials, specifically clientid and clientsecret, to be transmitted as plaintext in URL query parameters during POST requests to the GitLab endpoint. This insecure transmission can lead to th...
SonarSource SonarQube Information Disclosure Vulnerability (CNVD-2020-64787)
SonarSource SonarQube is an open source code quality management system from SonarSource Switzerland. An information disclosure vulnerability exists in SonarQube version 8.4.2.36762, which can be exploited by an attacker to discover plaintext SMTP, SVN, and GitLab credentials via an api set value...