50 matches found
PT-2022-13946 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: Gitlab CE/EE versions 13.2 through 14.8.5 Gitlab CE/EE versions 14.9 through 14.9.3 Gitlab CE/EE versions 14.10 through 14.10.0 Description: The issue allows disclosure of details of confidential notes created via the API if an unauthorized...
CVE-2022-1193
Improper access control in GitLab CE/EE versions 10.7 prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 allows a malicious actor to obtain details of the latest commit in a private project via Merge Requests under certain circumstances...
CVE-2022-0390
Improper access control in Gitlab CE/EE versions 12.7 to 14.5.4, 14.6 to 14.6.4, and 14.7 to 14.7.1 allowed for project non-members to retrieve issue details when it was linked to an item from the vulnerability dashboard...
GitLab Community Edition 和 Enterprise Edition 信息泄露漏洞
GitLab Enterprise Edition is a content management system.GitLab Community Edition is a community edition of GitLab by GitLab, Inc. An information disclosure vulnerability exists in GitLab Community Edition CE and Enterprise Edition EE that stems from the application outputting too much data. A...
GitLab Enterprise Edition 和 Gitlab Community Edition 信任管理问题漏洞
GitLab Enterprise Edition is a content management system, and GitLab Community Edition is a community edition of GitLab from GitLab, Inc. GitLab Enterprise Edition and Gitlab Community Edition are vulnerable to a trust management issue that arises from incorrect certificate validation of external...
GitLab Enterprise Edition 和 GitLab Community Edition 代码问题漏洞
GitLab Enterprise Edition is a content management system, and GitLab Community Edition is a community edition of GitLab from GitLab, Inc. GitLab Enterprise Edition and GitLab Community Edition are vulnerable to a code issue that arises from insufficient validation of user-supplied input. A remote...
UBUNTU-CVE-2020-13276
User is allowed to set an email as a notification email even without verifying the new email in all previous GitLab CE/EE versions through 13.0.1...
UBUNTU-CVE-2020-10980
GitLab EE/CE 8.0.rc1 to 12.9 is vulnerable to a blind SSRF in the FogBugz integration...
GitLab CE/EE Cross-Site Scripting Vulnerability (CNVD-2020-03115)
GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A cross-site scripting vulnerability exists in GitLab...
GitLab Information Disclosure Vulnerability (CNVD-2020-12723)
GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. An information disclosure vulnerability exists in GitLab...