11 matches found
CVE-2023-4895
An issue has been discovered in GitLab EE affecting all versions starting from 12.0 to 16.7.6, all versions starting from 16.8 before 16.8.3, all versions starting from 16.9 before 16.9.1. This vulnerability allows for bypassing the 'group ip restriction' settings to access environment details of...
FreeBSD : Gitlab -- vulnerabilities (6943cbf2-2d55-11f0-9471-2cf05da270f3)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 6943cbf2-2d55-11f0-9471-2cf05da270f3 advisory. Gitlab reports: Partial Bypass for Device OAuth flow using Cross Window Forgery Denial of...
Gitlab -- vulnerabilities
Gitlab reports: Partial Bypass for Device OAuth flow using Cross Window Forgery Denial of service by abusing Github import API Group IP restriction bypass allows disclosing issue title of restricted project...
GitLab Enterprise Edition 安全漏洞
GitLab Enterprise Edition EE is a content management system from the American company GitLab. A security vulnerability exists in GitLab Enterprise Edition versions 12.5 through 17.1.6, 17.2 through 17.2.4, and 17.3 through 17.3.1, which stems from the fact that under certain circumstances, it may...
BIT-GITLAB-2023-4895 Missing Authorization in GitLab
An issue has been discovered in GitLab EE affecting all versions starting from 12.0 to 16.7.6, all versions starting from 16.8 before 16.8.3, all versions starting from 16.9 before 16.9.1. This vulnerability allows for bypassing the 'group ip restriction' settings to access environment details of...
Information disclosure
An issue has been discovered in GitLab EE affecting all versions starting from 12.0 to 16.7.6, all versions starting from 16.8 before 16.8.3, all versions starting from 16.9 before 16.9.1. This vulnerability allows for bypassing the 'group ip restriction' settings to access environment details of...
CVE-2023-4895 Missing Authorization in GitLab
An issue has been discovered in GitLab EE affecting all versions starting from 12.0 to 16.7.6, all versions starting from 16.8 before 16.8.3, all versions starting from 16.9 before 16.9.1. This vulnerability allows for bypassing the 'group ip restriction' settings to access environment details of...
CVE-2023-4895
Affected product: GitLab Enterprise Edition (GitLab EE). Vulnerable components: environment details exposure via bypassing group IP restriction, across versions 12.0–16.7.6, 16.8 before 16.8.3, and 16.9 before 16.9.1. Root cause: bypass of group IP restriction settings enabling unauthorized acces...
CVE-2023-4895 Missing Authorization in GitLab
An issue has been discovered in GitLab EE affecting all versions starting from 12.0 to 16.7.6, all versions starting from 16.8 before 16.8.3, all versions starting from 16.9 before 16.9.1. This vulnerability allows for bypassing the 'group ip restriction' settings to access environment details of...
CVE-2023-4895
Removed by vendor...
GitLab 12.0 < 16.7.6 / 16.8 < 16.8.3 / 16.9 < 16.9.1 (CVE-2023-4895)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab EE affecting all versions starting from 12.0 to 16.7.6, all versions starting from 16.8 before 16.8.3, all versions starting from 16.9 before 16.9.1. This...