28 matches found
EUVD-2024-48055
Malicious code in bioql PyPI...
EUVD-2024-32525
Malicious code in bioql PyPI...
EUVD-2024-46548
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2024-5318
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.11 prior to 16.10.6, starting from 16.11 prior to 16.11.3, and starting fro...
Linux Distros Unpatched Vulnerability : CVE-2024-3959
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in GitLab CE/EE affecting all versions starting from 16.7 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1...
Linux Distros Unpatched Vulnerability : CVE-2024-7057
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An information disclosure vulnerability in GitLab CE/EE affecting all versions starting from 16.7 prior to 17.0.5, starting from 17.1 prior to 17.1.3, and...
CVE-2024-5318
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.11 prior to 16.10.6, starting from 16.11 prior to 16.11.3, and starting from 17.0 prior to 17.0.1. A Guest user can view dependency lists of private projects through job artifacts...
CVE-2024-7057
An information disclosure vulnerability in GitLab CE/EE affecting all versions starting from 16.7 prior to 17.0.5, starting from 17.1 prior to 17.1.3, and starting from 17.2 prior to 17.2.1 where job artifacts can be inappropriately exposed to users lacking the proper authorization level...
CVE-2022-3759
An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.3 before 15.6.7, all versions starting from 15.7 before 15.7.6, all versions starting from 15.8 before 15.8.1. An attacker may upload a crafted CI job artifact zip file in a project that uses dynamic child...
BIT-GITLAB-2024-7057 Improper Access Control in GitLab
An information disclosure vulnerability in GitLab CE/EE affecting all versions starting from 16.7 prior to 17.0.5, starting from 17.1 prior to 17.1.3, and starting from 17.2 prior to 17.2.1 where job artifacts can be inappropriately exposed to users lacking the proper authorization level...
UBUNTU-CVE-2024-7057
An information disclosure vulnerability in GitLab CE/EE affecting all versions starting from 16.7 prior to 17.0.5, starting from 17.1 prior to 17.1.3, and starting from 17.2 prior to 17.2.1 where job artifacts can be inappropriately exposed to users lacking the proper authorization level...
CVE-2024-7057
Removed by vendor...
FreeBSD : Gitlab -- Vulnerabilities (24c88add-4a3e-11ef-86d7-001b217b3468)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 24c88add-4a3e-11ef-86d7-001b217b3468 advisory. Gitlab reports: XSS via the Maven Dependency Proxy Project level analytics settings leaked in...
CVE-2024-3959
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.7 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows private job artifacts can be accessed by any user...
CVE-2024-3959 Improper Authorization in GitLab
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.7 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows private job artifacts can be accessed by any user...
CVE-2024-3959
Removed by vendor...
CVE-2024-3959
CVE-2024-3959 affects GitLab CE/EE: all versions from 16.7 up to 16.11.5, 17.0 up to 17.0.3, and 17.1 up to 17.1.1. Issue: improper authorization that allows private job artifacts to be accessed by any user. Impact: exposure of private artifacts; no integrity/availability impact stated beyond acc...
CVE-2024-3959 Improper Authorization in GitLab
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.7 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows private job artifacts can be accessed by any user...
GitLab Authorization Issues Vulnerability
GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery, and other features. An authorization issue vulnerability exists in GitLab CE/EE, which stems from...
BIT-GITLAB-2024-5318 Missing Authorization in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.11 prior to 16.10.6, starting from 16.11 prior to 16.11.3, and starting from 17.0 prior to 17.0.1. A Guest user can view dependency lists of private projects through job artifacts...