EUVD-2019-6548

Malware in sbrugna...

CVE-2019-15580

An information exposure vulnerability exists in gitlab.com...

FreeBSD : Gitlab -- Gitlab (1d651770-f4f5-11eb-ba49-001b217b3468)

Gitlab reports : Stored XSS in Mermaid when viewing Markdown files Stored XSS in default branch name Perform Git actions with an impersonation token even if impersonation is disabled Tag and branch name confusion allows Developer to access protected CI variables New subscriptions generate OAuth...

CVE-2019-15580

An information exposure vulnerability exists in gitlab.com v12.3.2, v12.2.6, and v12.1.10 when using the blocking merge request feature, it was possible for an unauthenticated user to see the head pipeline data of a public project even though pipeline visibility was restricted...

CVE-2019-15580

An information exposure vulnerability exists in gitlab.com v12.3.2, v12.2.6, and v12.1.10 when using the blocking merge request feature, it was possible for an unauthenticated user to see the head pipeline data of a public project even though pipeline visibility was restricted...

CVE-2019-15580

CVE-2019-15580 is an information exposure vulnerability in gitlab.com versions <12.3.2, <12.2.6, and

CVE-2019-15580

Removed by vendor...

GitLab: Last pipeline status for MR leaked

Hi GitLab security team, Summary GitLab allows for public and internal projects to restrict the visibility of pipelines to project members only. Then, only project members should have access to the pipeline information. However, this can be bypassed. There is a internal endpoint...