52 matches found
PT-2023-17188 · Gitlab · Gitlab
Name of the Vulnerable Software and Affected Versions: GitLab versions 15.0 through 15.8.4 GitLab versions 15.9 through 15.9.3 GitLab versions 15.10 through 15.10.0 Description: A sensitive information disclosure issue in GitLab allows an attacker to view the count of internal notes for a given...
CVE-2023-1710
A sensitive information disclosure vulnerability in GitLab affecting all versions from 15.0 prior to 15.8.5, 15.9 prior to 15.9.4 and 15.10 prior to 15.10.1 allows an attacker to view the count of internal notes for a given issue...
GitLab 15.0 < 15.8.5 / 15.9 < 15.9.4 / 15.10 < 15.10.1 (CVE-2023-1710)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - A sensitive information disclosure vulnerability in GitLab affecting all versions from 15.0 prior to 15.8.5, 15.9 prior to 15.9.4 and 15.10 prior to 15.10.1 allows an attacker to view the count of...
CVE-2022-3819
An improper authorization issue in GitLab CE/EE affecting all versions from 15.0 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows a malicious users to set emojis on internal notes they don't have access to...
CVE-2022-3819
An improper authorization issue in GitLab CE/EE affecting all versions from 15.0 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows a malicious users to set emojis on internal notes they don't have access to...
UBUNTU-CVE-2022-3819
An improper authorization issue in GitLab CE/EE affecting all versions from 15.0 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows a malicious users to set emojis on internal notes they don't have access to...
PT-2022-24267 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 15.0 through 15.3.4 GitLab CE/EE versions 15.4 through 15.4.3 GitLab CE/EE versions 15.5 through 15.5.1 Description: An improper authorization issue in GitLab CE/EE allows malicious users to set emojis on internal notes...
CVE-2022-3819
An improper authorization issue in GitLab CE/EE affecting all versions from 15.0 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows a malicious users to set emojis on internal notes they don't have access to...
CVE-2022-3819
An improper authorization issue in GitLab CE/EE affecting all versions from 15.0 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows a malicious users to set emojis on internal notes they don't have access to...
CVE-2022-3819
An improper authorization issue in GitLab CE/EE affecting all versions from 15.0 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows a malicious users to set emojis on internal notes they don't have access to...
CVE-2022-3819
Removed by vendor...
The vulnerability of the osTicket customer support system, related to the lack of mechanisms to neutralize elements in the CSV file, allows a violator to execute arbitrary code.
The vulnerability of the osTicket customer support system lies in the lack of a mechanism to eliminate certain elements in the CSV file specifically, the fields “Name” and “Internal Notes” in the “Users” tab. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...