30 matches found
EUVD-2023-44168
Malicious code in bioql PyPI...
EUVD-2021-9409
Malicious code in bioql PyPI...
EUVD-2025-4923
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-1981
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab EE affecting all versions starting from 12.2 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1. In GitLab,...
CVE-2023-3509
An issue has been discovered in GitLab affecting all versions before 16.7.6, all versions starting from 16.8 before 16.8.3, all versions starting from 16.9 before 16.9.1. It was possible for group members with sub-maintainer role to change the title of privately accessible deploy keys associated...
CVE-2021-22263
An issue has been discovered in GitLab affecting all versions starting from 13.0 before 14.0.9, all versions starting from 14.1 before 14.1.4, all versions starting from 14.2 before 14.2.2. A user account with 'external' status which is granted 'Maintainer' role on any project on the GitLab...
BIT-GITLAB-2024-8266 Execution with Unnecessary Privileges in GitLab
An issue was discovered in GitLab CE/EE affecting all versions starting from 17.1 prior to 17.6.0, which allows an attacker with maintainer role to trigger a pipeline as project owner under certain circumstances...
CVE-2024-8266
An issue was discovered in GitLab CE/EE affecting all versions starting from 17.1 prior to 17.6.0, which allows an attacker with maintainer role to trigger a pipeline as project owner under certain circumstances...
CVE-2024-8266
An issue was discovered in GitLab CE/EE affecting all versions starting from 17.1 prior to 17.6.0, which allows an attacker with maintainer role to trigger a pipeline as project owner under certain circumstances...
CVE-2024-8266 Execution with Unnecessary Privileges in GitLab
An issue was discovered in GitLab CE/EE affecting all versions starting from 17.1 prior to 17.6.0, which allows an attacker with maintainer role to trigger a pipeline as project owner under certain circumstances...
CVE-2024-8266 Execution with Unnecessary Privileges in GitLab
An issue was discovered in GitLab CE/EE affecting all versions starting from 17.1 prior to 17.6.0, which allows an attacker with maintainer role to trigger a pipeline as project owner under certain circumstances...
CVE-2024-8266
Removed by vendor...
PT-2025-6770 · GitLab · GitLab CE/EE
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 17.1 through 17.5 Description: An issue was discovered in GitLab CE/EE, which allows an attacker with a maintainer role to trigger a pipeline as the project owner under certain circumstances. Recommendations: For version...
Improper Permission Validation
github.com/goharbor/harbor is vulnerable to Improper Permission Validation. The vulnerability is due to the failure to validate maintainer role permissions when updating project configurations. Attackers can exploit this by sending requests to create, update, or delete metadata in a project they ...
GHSA-HW28-333W-QXP3 Harbor fails to validate the user permissions when updating project configurations
Impact Harbor fails to validate the maintainer role permissions when creating/updating/deleting project configurations - API call: - PUT /projects/projectnameorid/metadatas/metaname - POST /projects/projectnameorid/metadatas/metaname - DELETE /projects/projectnameorid/metadatas/metaname By sendin...
BIT-GITLAB-2021-22263
An issue has been discovered in GitLab affecting all versions starting from 13.0 before 14.0.9, all versions starting from 14.1 before 14.1.4, all versions starting from 14.2 before 14.2.2. A user account with 'external' status which is granted 'Maintainer' role on any project on the GitLab...
CVE-2023-3509
An issue has been discovered in GitLab affecting all versions before 16.7.6, all versions starting from 16.8 before 16.8.3, all versions starting from 16.9 before 16.9.1. It was possible for group members with sub-maintainer role to change the title of privately accessible deploy keys associated...
CVE-2023-3509
CVE-2023-3509 affects GitLab across versions: before 16.7.6, 16.8 before 16.8.3, and 16.9 before 16.9.1. The issue allows group members with sub-maintainer rights to rename privately accessible deploy keys associated with projects within the group. Mitigations are published by GitLab in fixed rel...
Privilege Escalation
gitlab is vulnerable to Privilege Escalation. This vulnerability occurs due to a flaw in the way that GitLab handles project tokens. An attacker with the "Maintainer" role on any project can exploit this vulnerability to gain the "Internal" role on the same project, which grants them elevated...
CVE-2021-22263
An issue has been discovered in GitLab affecting all versions starting from 13.0 before 14.0.9, all versions starting from 14.1 before 14.1.4, all versions starting from 14.2 before 14.2.2. A user account with 'external' status which is granted 'Maintainer' role on any project on the GitLab...