37 matches found
EUVD-2020-3380
Malware in sbrugna...
EUVD-2024-49515
Malicious code in bioql PyPI...
EUVD-2024-46832
Malicious code in bioql PyPI...
CVE-2020-10981
GitLab EE/CE 9.0 to 12.9 allows a maintainer to modify other maintainers' pipeline trigger descriptions within the same project...
BIT-GITLAB-2024-7102 Execution with Unnecessary Privileges in GitLab
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.4 prior to 17.5.0 which allows an attacker to trigger a pipeline as another user under certain circumstances...
CVE-2024-8266
An issue was discovered in GitLab CE/EE affecting all versions starting from 17.1 prior to 17.6.0, which allows an attacker with maintainer role to trigger a pipeline as project owner under certain circumstances...
CVE-2024-8266
An issue was discovered in GitLab CE/EE affecting all versions starting from 17.1 prior to 17.6.0, which allows an attacker with maintainer role to trigger a pipeline as project owner under certain circumstances...
UBUNTU-CVE-2024-8266
An issue was discovered in GitLab CE/EE affecting all versions starting from 17.1 prior to 17.6.0, which allows an attacker with maintainer role to trigger a pipeline as project owner under certain circumstances...
CVE-2024-7102 Execution with Unnecessary Privileges in GitLab
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.4 prior to 17.5.0 which allows an attacker to trigger a pipeline as another user under certain circumstances...
CVE-2024-7102 Execution with Unnecessary Privileges in GitLab
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.4 prior to 17.5.0 which allows an attacker to trigger a pipeline as another user under certain circumstances...
CVE-2024-8266 Execution with Unnecessary Privileges in GitLab
An issue was discovered in GitLab CE/EE affecting all versions starting from 17.1 prior to 17.6.0, which allows an attacker with maintainer role to trigger a pipeline as project owner under certain circumstances...
CVE-2024-8266 Execution with Unnecessary Privileges in GitLab
An issue was discovered in GitLab CE/EE affecting all versions starting from 17.1 prior to 17.6.0, which allows an attacker with maintainer role to trigger a pipeline as project owner under certain circumstances...
CVE-2024-8266
CVE-2024-8266 affects GitLab CE/EE, versions starting from 17.1 up to, but not including, 17.6.0. The issue allows an attacker with the maintainer role to trigger a pipeline as the project owner under certain circumstances, exposing potential high-privilege pipeline execution. The vulnerability i...
GitLab Enterprise Edition和GitLab Community Edition 安全漏洞
GitLab Enterprise Edition EE and GitLab Community Edition CE are both products of GitLab, Inc. GitLab Enterprise Edition is a content management system. GitLab Enterprise Edition is a content management system. A security vulnerability exists in GitLab Enterprise Edition and GitLab Community...
BIT-GITLAB-2024-8970 Incorrect Authorization in GitLab
An issue was discovered in GitLab CE/EE affecting all versions starting from 11.6 prior to 17.2.9, starting from 17.3 prior to 17.3.5, and starting from 17.4 prior to 17.4.2, which allows an attacker to trigger a pipeline as another user under certain circumstances...
CVE-2024-8970
An issue was discovered in GitLab CE/EE affecting all versions starting from 11.6 prior to 17.2.9, starting from 17.3 prior to 17.3.5, and starting from 17.4 prior to 17.4.2, which allows an attacker to trigger a pipeline as another user under certain circumstances...
UBUNTU-CVE-2024-8970
An issue was discovered in GitLab CE/EE affecting all versions starting from 11.6 prior to 17.2.9, starting from 17.3 prior to 17.3.5, and starting from 17.4 prior to 17.4.2, which allows an attacker to trigger a pipeline as another user under certain circumstances...
CVE-2024-8970 Incorrect Authorization in GitLab
An issue was discovered in GitLab CE/EE affecting all versions starting from 11.6 prior to 17.2.9, starting from 17.3 prior to 17.3.5, and starting from 17.4 prior to 17.4.2, which allows an attacker to trigger a pipeline as another user under certain circumstances...
PT-2024-6937 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 11.6 through 17.2.9 GitLab CE/EE versions 17.3 through 17.3.5 GitLab CE/EE versions 17.4 through 17.4.2 Description: The issue is related to authentication errors in GitLab, allowing a remote attacker to trigger pipeline...
UBUNTU-CVE-2024-6678
An issue was discovered in GitLab CE/EE affecting all versions starting from 8.14 prior to 17.1.7, starting from 17.2 prior to 17.2.5, and starting from 17.3 prior to 17.3.2, which allows an attacker to trigger a pipeline as an arbitrary user under certain circumstances...