Lucene search
K

16 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.14 views

EUVD-2024-16205

Malicious code in bioql PyPI...

7.7CVSS7.5AI score0.00455EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/02/04 11:9 p.m.9 views

CVE-2024-0410

An authorization bypass vulnerability was discovered in GitLab affecting versions 15.1 prior to 16.7.6, 16.8 prior to 16.8.3, and 16.9 prior to 16.9.1. A developer could bypass CODEOWNERS approvals by creating a merge conflict...

7.7CVSS6.4AI score0.00455EPSS
Exploits0References1
OSV
OSV
added 2024/03/06 10:53 a.m.21 views

BIT-GITLAB-2024-0410 Improper Enforcement of Behavioral Workflow in GitLab

An authorization bypass vulnerability was discovered in GitLab affecting versions 15.1 prior to 16.7.6, 16.8 prior to 16.8.3, and 16.9 prior to 16.9.1. A developer could bypass CODEOWNERS approvals by creating a merge conflict...

7.7CVSS7.2AI score0.00455EPSS
Exploits0References3
NVD
NVD
added 2024/02/22 12:15 a.m.16 views

CVE-2024-0410

An authorization bypass vulnerability was discovered in GitLab affecting versions 15.1 prior to 16.7.6, 16.8 prior to 16.8.3, and 16.9 prior to 16.9.1. A developer could bypass CODEOWNERS approvals by creating a merge conflict...

7.7CVSS7.4AI score0.00455EPSS
Exploits0References2
Prion
Prion
added 2024/02/22 12:15 a.m.18 views

Authorization

An authorization bypass vulnerability was discovered in GitLab affecting versions 15.1 prior to 16.7.6, 16.8 prior to 16.8.3, and 16.9 prior to 16.9.1. A developer could bypass CODEOWNERS approvals by creating a merge conflict...

3.6CVSS6.7AI score0.00455EPSS
Exploits0References2Affected Software1
UbuntuCve
UbuntuCve
added 2024/02/22 12:0 a.m.20 views

CVE-2024-0410

An authorization bypass vulnerability was discovered in GitLab affecting versions 15.1 prior to 16.7.6, 16.8 prior to 16.8.3, and 16.9 prior to 16.9.1. A developer could bypass CODEOWNERS approvals by creating a merge conflict...

7.7CVSS7.1AI score0.00455EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/02/21 11:30 p.m.36 views

CVE-2024-0410 Improper Enforcement of Behavioral Workflow in GitLab

An authorization bypass vulnerability was discovered in GitLab affecting versions 15.1 prior to 16.7.6, 16.8 prior to 16.8.3, and 16.9 prior to 16.9.1. A developer could bypass CODEOWNERS approvals by creating a merge conflict...

7.7CVSS7.6AI score0.00455EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/02/21 11:30 p.m.14 views

CVE-2024-0410 Improper Enforcement of Behavioral Workflow in GitLab

An authorization bypass vulnerability was discovered in GitLab affecting versions 15.1 prior to 16.7.6, 16.8 prior to 16.8.3, and 16.9 prior to 16.9.1. A developer could bypass CODEOWNERS approvals by creating a merge conflict...

7.7CVSS7.4AI score0.00455EPSS
Exploits0References2
CVE
CVE
added 2024/02/21 11:30 p.m.105 views

CVE-2024-0410

CVE-2024-0410 affects GitLab with an authorization bypass: a developer could bypass CODEOWNERS approvals by creating a merge conflict. Affected versions are 15.1 before 16.7.6, 16.8 before 16.8.3, and 16.9 before 16.9.1. The vulnerability has a HIGH impact (CVSS 7.7) with a network attack vector,...

7.7CVSS7.3AI score0.00455EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2024/02/21 11:30 p.m.25 views

CVE-2024-0410

Removed by vendor...

7.7CVSS7.1AI score0.00455EPSS
Exploits0
OSV
OSV
added 2024/02/21 11:30 p.m.20 views

CVE-2024-0410 Improper Enforcement of Behavioral Workflow in GitLab

An authorization bypass vulnerability was discovered in GitLab affecting versions 15.1 prior to 16.7.6, 16.8 prior to 16.8.3, and 16.9 prior to 16.9.1. A developer could bypass CODEOWNERS approvals by creating a merge conflict...

7.7CVSS7.4AI score0.00455EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/02/21 12:0 a.m.25 views

GitLab Access Control Error Vulnerability

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD continuous integration and continuous delivery, and other features. GitLab suffers from an Access Control Error vulnerability that stems from the...

7.7CVSS7.1AI score0.00455EPSS
Exploits0References2
Atlassian
Atlassian
added 2024/02/07 3:37 a.m.26 views

Merge Conflict PRs in Confluence-frontend-plugin

Merge Conflict PRs in Confluence-frontend-plugin after NPM Audit Fix...

7.1AI score
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2024/01/11 12:0 a.m.5 views

PT-2024-1871 · Gitlab · Gitlab

Name of the Vulnerable Software and Affected Versions: GitLab versions 15.1 through 16.7.5 GitLab versions 16.8 through 16.8.2 GitLab versions 16.9 through 16.9.0 Description: The issue is related to insufficient access control in GitLab, allowing a remote attacker to bypass security restrictions...

7.7CVSS6.9AI score0.00455EPSS
Exploits0References16
Github Security Blog
Github Security Blog
added 2023/12/12 12:49 a.m.27 views

OpenZeppelin Contracts and Contracts Upgradeable duplicated execution of subcalls in v4.9.4

Context Merge conflict resolution issue when porting the v5.0.1 Multicall update to the v4.9 branch caused a duplicated line. Impact Versions using Multicall from @openzeppelin/[email protected] and @openzeppelin/[email protected] will execute each subcall twice. Concretely, this exposes ...

7.5CVSS7.2AI score0.00543EPSS
Exploits0References5Affected Software2
OSV
OSV
added 2023/12/12 12:49 a.m.15 views

GHSA-699G-Q6QH-Q4V8 OpenZeppelin Contracts and Contracts Upgradeable duplicated execution of subcalls in v4.9.4

Context Merge conflict resolution issue when porting the v5.0.1 Multicall update to the v4.9 branch caused a duplicated line. Impact Versions using Multicall from @openzeppelin/[email protected] and @openzeppelin/[email protected] will execute each subcall twice. Concretely, this exposes ...

5.9CVSS7.5AI score0.00543EPSS
Exploits0References5
Rows per page
Query Builder