42 matches found
CVE-2026-3160
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.7 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user to view Jira issues outside the configured project scope due to an integration filter functioning only as a...
BIT-GITLAB-2026-3160 Unintended Proxy or Intermediary ('Confused Deputy') in GitLab
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.7 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user to view Jira issues outside the configured project scope due to an integration filter functioning only as a...
CVE-2026-3160
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.7 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user to view Jira issues outside the configured project scope due to an integration filter functioning only as a...
CVE-2026-3160
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.7 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user to view Jira issues outside the configured project scope due to an integration filter functioning only as a...
UBUNTU-CVE-2026-3160
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.7 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user to view Jira issues outside the configured project scope due to an integration filter functioning only as a...
CVE-2026-3160
GitLab CVE-2026-3160 affects GitLab CE/EE versions 13.7–18.9.7, 18.10–18.10.5, and 18.11–18.11.2. An authenticated user could view Jira issues outside the configured project scope due to an integration filter that functioned only as display control rather than enforcing access boundaries. The iss...
CVE-2026-3160 Unintended Proxy or Intermediary ('Confused Deputy') in GitLab
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.7 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user to view Jira issues outside the configured project scope due to an integration filter functioning only as a...
CVE-2026-3160 Unintended Proxy or Intermediary ('Confused Deputy') in GitLab
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.7 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user to view Jira issues outside the configured project scope due to an integration filter functioning only as a...
PT-2026-40863
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 13.7 through 18.9.6; GitLab CE/EE versions 18.10 through 18.10.5; GitLab CE/EE versions 18.11 through 18.11.2. Description: An issue in the Jira integration filter allows an authenticated user to view Jira issues outside the...
GO-2025-4259 Mattermost doesn't validate user channel membership when attaching Mattermost posts as comments to Jira issues in github.com/mattermost/mattermost-server
Mattermost doesn't validate user channel membership when attaching Mattermost posts as comments to Jira issues in github.com/mattermost/mattermost-server. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. ...
GO-2026-4496 Mattermost doesn't validate user permissions when creating Jira issues from Mattermost posts in github.com/mattermost/mattermost-server
Mattermost doesn't validate user permissions when creating Jira issues from Mattermost posts in github.com/mattermost/mattermost-server...
Mattermost security vulnerability
Mattermost is an open-source collaboration platform developed by the American company Mattermost. Vulnerabilities exist in Mattermost versions 11.1.2 and earlier of the 11.1.x series, as well as versions 10.11.9 and earlier of the 10.11.x series, and 11.2.1 and earlier of the 11.2.x series. These...
EUVD-2017-18445
Malware in sbrugna...
EUVD-2018-12808
Malware in sbrugna...
EUVD-2022-35003
Malicious code in bioql PyPI...
Important: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.12.0 security and bug fixes
Red Hat Advanced Cluster Management for Kubernetes 2.12.0 GA release images are now available, which contain security and bug fixes. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detail...
The "Your Jira Issues" section on the Bitbucket dashboard is fetching images via the internal Application URL rather than the external Display URL
Issue Summary: This is reproducible on Data Center: yes. Steps to Reproduce: Create an Application link to Jira Instance with different "Application" and "Display" URLs. Block the 'Application URL' access on the client system browser using...
Moderate: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.8.6 security and bug fix updates
Red Hat Advanced Cluster Management for Kubernetes 2.8.6 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability fro...
Moderate: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.9.3 security and bug fix container updates
Red Hat Advanced Cluster Management for Kubernetes 2.9.3 General Availability release images, which fix bugs and update container images. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a...
Critical: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.8.5 security and bug fix container updates
Red Hat Advanced Cluster Management for Kubernetes 2.8.5 General Availability release images, which provide security updates and fix bugs. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a...