Lucene search
K

15 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 10:5 p.m.5 views

CVE-2022-1417

Improper access control in GitLab CE/EE affecting all versions starting from 8.12 before 14.8.6, all versions starting from 14.9 before 14.9.4, and all versions starting from 14.10 before 14.10.1 allows non-project members to access contents of Project Members-only Wikis via malicious CI jobs...

4.3CVSS6.4AI score0.00945EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:14 p.m.5 views

CVE-2021-39941

An information disclosure vulnerability in GitLab CE/EE versions 12.0 to 14.3.6, 14.4 to 14.4.4, and 14.5 to 14.5.2 allowed non-project members to see the default branch name for projects that restrict access to the repository to project members...

5.3CVSS6.1AI score0.01182EPSS
Exploits0References1
OSV
OSV
added 2024/06/27 12:15 a.m.3 views

UBUNTU-CVE-2024-4011

An issue was discovered in GitLab CE/EE affecting all versions starting from 16.1 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows non-project member to promote key results to objectives...

4.3CVSS5.8AI score0.00323EPSS
Exploits0References4
CVE
CVE
added 2024/06/26 11:31 p.m.203 views

CVE-2024-4011

CVE-2024-4011 describes an improper access-control issue in GitLab CE/EE. Affected versions are: 16.1–16.11.4, 17.0–17.0.2, and 17.1–17.1.0. The vulnerability allows a non-project member to promote key results to objectives. Public references converge on GitLab GitLab CE/EE and related OSV/NASL e...

4.3CVSS4.3AI score0.00323EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2024/03/06 11:17 a.m.19 views

BIT-GITLAB-2021-39941

An information disclosure vulnerability in GitLab CE/EE versions 12.0 to 14.3.6, 14.4 to 14.4.4, and 14.5 to 14.5.2 allowed non-project members to see the default branch name for projects that restrict access to the repository to project members...

5.3CVSS5AI score0.01182EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/01/03 12:0 a.m.21 views

GitLab 12.0 < 14.3.6 / 14.4 < 14.4.4 / 14.5 < 14.5.2 (CVE-2021-39941)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An information disclosure vulnerability in GitLab CE/EE versions 12.0 to 14.3.6, 14.4 to 14.4.4, and 14.5 to 14.5.2 allowed non-project members to see the default branch name for projects that restric...

5.3CVSS5.8AI score0.01182EPSS
Exploits0References4
Prion
Prion
added 2023/03/09 9:15 p.m.18 views

Design/Logic Flaw

An issue has been discovered in GitLab affecting all versions starting from 15.5 before 15.7.8, all versions starting from 15.8 before 15.8.4, all versions starting from 15.9 before 15.9.2. Non-project members could retrieve release descriptions via the API, even if the release visibility is...

5CVSS5.2AI score0.00786EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2023/03/09 12:0 a.m.17 views

CVE-2023-0223

Removed by vendor...

5.3CVSS6AI score0.00786EPSS
Exploits0
Prion
Prion
added 2022/05/10 9:15 p.m.15 views

Improper access control

Improper access control in GitLab CE/EE affecting all versions starting from 8.12 before 14.8.6, all versions starting from 14.9 before 14.9.4, and all versions starting from 14.10 before 14.10.1 allows non-project members to access contents of Project Members-only Wikis via malicious CI jobs...

4CVSS4.3AI score0.00945EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2021/12/13 4:15 p.m.16 views

CVE-2021-39941

An information disclosure vulnerability in GitLab CE/EE versions 12.0 to 14.3.6, 14.4 to 14.4.4, and 14.5 to 14.5.2 allowed non-project members to see the default branch name for projects that restrict access to the repository to project members...

5.3CVSS0.01182EPSS
Exploits0References3
OSV
OSV
added 2021/12/13 4:15 p.m.1 views

UBUNTU-CVE-2021-39941

An information disclosure vulnerability in GitLab CE/EE versions 12.0 to 14.3.6, 14.4 to 14.4.4, and 14.5 to 14.5.2 allowed non-project members to see the default branch name for projects that restrict access to the repository to project members...

5.3CVSS6AI score0.01182EPSS
Exploits0References2
Prion
Prion
added 2021/12/13 4:15 p.m.21 views

Information disclosure

An information disclosure vulnerability in GitLab CE/EE versions 12.0 to 14.3.6, 14.4 to 14.4.4, and 14.5 to 14.5.2 allowed non-project members to see the default branch name for projects that restrict access to the repository to project members...

5CVSS5AI score0.01182EPSS
Exploits0References3Affected Software1
UbuntuCve
UbuntuCve
added 2021/12/13 4:15 p.m.15 views

CVE-2021-39941

An information disclosure vulnerability in GitLab CE/EE versions 12.0 to 14.3.6, 14.4 to 14.4.4, and 14.5 to 14.5.2 allowed non-project members to see the default branch name for projects that restrict access to the repository to project members...

5.3CVSS6.1AI score0.01182EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2021/12/13 3:48 p.m.17 views

CVE-2021-39941

Removed by vendor...

5.3CVSS6AI score0.01182EPSS
Exploits0
Cvelist
Cvelist
added 2021/12/13 3:48 p.m.23 views

CVE-2021-39941

An information disclosure vulnerability in GitLab CE/EE versions 12.0 to 14.3.6, 14.4 to 14.4.4, and 14.5 to 14.5.2 allowed non-project members to see the default branch name for projects that restrict access to the repository to project members...

3.7CVSS5.4AI score0.01182EPSS
Exploits0References3
Rows per page
Query Builder