13 matches found
EUVD-2022-43113
Malicious code in bioql PyPI...
GitLab Community Edition和GitLab Enterprise Edition 安全漏洞
GitLab Enterprise Edition EE and GitLab Community Edition CE are both products of GitLab, Inc. GitLab Enterprise Edition is a content management system. GitLab Enterprise Edition is a content management system. A security vulnerability exists in GitLab Community Edition and GitLab Enterprise...
BIT-GITLAB-2020-11506
An issue was discovered in GitLab 10.7.0 and later through 12.9.2. A Workhorse bypass could lead to job artifact uploads and file disclosure Exposure of Sensitive Information via request smuggling...
CVE-2022-3759
An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.3 before 15.6.7, all versions starting from 15.7 before 15.7.6, all versions starting from 15.8 before 15.8.1. An attacker may upload a crafted CI job artifact zip file in a project that uses dynamic child...
CVE-2022-3759
Removed by vendor...
CVE-2022-3759
An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.3 before 15.6.7, all versions starting from 15.7 before 15.7.6, all versions starting from 15.8 before 15.8.1. An attacker may upload a crafted CI job artifact zip file in a project that uses dynamic child...
Gitlab -- Multiple Vulnerabilities
Gitlab reports: Denial of Service via arbitrarily large Issue descriptions CSRF via file upload allows an attacker to take over a repository Sidekiq background job DoS by uploading malicious CI job artifact zips Sidekiq background job DoS by uploading a malicious Helm package...
CVE-2020-11506
An issue was discovered in GitLab 10.7.0 and later through 12.9.2. A Workhorse bypass could lead to job artifact uploads and file disclosure Exposure of Sensitive Information via request smuggling...
CVE-2020-11506
An issue was discovered in GitLab 10.7.0 and later through 12.9.2. A Workhorse bypass could lead to job artifact uploads and file disclosure Exposure of Sensitive Information via request smuggling...
Arbitrary file deletion
An issue was discovered in GitLab 10.7.0 and later through 12.9.2. A Workhorse bypass could lead to job artifact uploads and file disclosure Exposure of Sensitive Information via request smuggling...
CVE-2020-11506
CVE-2020-11506 affects GitLab 10.7.0 through 12.9.2. A Workhorse bypass could enable job artifact uploads and disclosure of sensitive information via request smuggling. Subcomponents implicated: GitLab Workhorse; root cause details are not explicitly provided in the included documents beyond the ...
FreeBSD : Gitlab -- Multiple Vulnerabilities (570706ff-7ee0-11ea-bd0b-001b217b3468)
Gitlab reports : NuGet Package and File Disclosure through GitLab Workhorse Job Artifact Uploads and File Disclosure through GitLab Workhorse Incorrect membership following group removal Logging of Praefect tokens Update Rack dependency Update OpenSSL dependency C Tenable Network Security, Inc. T...
Gitlab -- Multiple Vulnerabilities
Gitlab reports: NuGet Package and File Disclosure through GitLab Workhorse Job Artifact Uploads and File Disclosure through GitLab Workhorse Incorrect membership following group removal Logging of Praefect tokens Update Rack dependency Update OpenSSL dependency...