7 matches found
Linux Distros Unpatched Vulnerability : CVE-2020-12275
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitLab 12.6 through 12.9 is vulnerable to a privilege escalation that allows an external user to create a personal snippet through the API. CVE-2020-12275 Note...
GitLab: Attacker is able to create, edit & delete notes and leak the title of a victim's private personal snippet
An attacker was able to create, edit, and delete notes on a victim's private personal snippet, leaking the title of the snippet on the attacker's activity page. The attack was achieved by changing the POST parameter noteabletype from "issue" to "personalsnippet" and posting a comment within a...
Unnamed Vulnerability in GitLab (CNVD-2021-19415)
GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A security vulnerability exists in GitLab versions 12.6...
CVE-2020-12275
GitLab 12.6 through 12.9 is vulnerable to a privilege escalation that allows an external user to create a personal snippet through the API...
CVE-2020-12275
Removed by vendor...
CVE-2020-12275
GitLab 12.6 through 12.9 is vulnerable to a privilege escalation that allows an external user to create a personal snippet through the API...
Gitlab -- Multiple Vulnerabilities
Gitlab reports: Arbitrary File Read when Moving an Issue; Path Traversal in NPM Package Registry; SSRF on Project Import; External Users Can Create Personal Snippet; Triggers Description Can be Updated by Other Maintainers in Project; Information Disclosure on Confidential Issues Moved to Private...