2 matches found
CVE-2022-29946
A flaw was found in the NATS Server and NATS Streaming Server. Affected versions of this package could allow a remote attacker to bypass security restrictions due to a failure to enforce negative user permissions in one scenario. By using a queue subscription on the wildcard, an attacker could...
CVE-2021-39886
Permissions rules were not applied while issues were moved between projects of the same group in GitLab versions starting with 10.6 and up to 14.1.7 allowing users to read confidential Epic references...