17 matches found
EUVD-2023-58262
Malicious code in bioql PyPI...
EUVD-2024-48021
Malicious code in bioql PyPI...
CVE-2023-5995
An issue has been discovered in GitLab EE affecting all versions starting from 16.2 before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. It was possible for an attacker to abuse the policy bot to gain access to internal projects...
CVE-2024-6356
An issue was discovered in GitLab EE affecting all versions starting from 16.0 prior to 17.0.6, starting from 17.1 prior to 17.1.4, and starting from 17.2 prior to 17.2.2, which allowed cross project access for Security policy bot...
BIT-GITLAB-2024-6356 Incorrect User Management in GitLab
An issue was discovered in GitLab EE affecting all versions starting from 16.0 prior to 17.0.6, starting from 17.1 prior to 17.1.4, and starting from 17.2 prior to 17.2.2, which allowed cross project access for Security policy bot...
CVE-2024-6356 Incorrect User Management in GitLab
An issue was discovered in GitLab EE affecting all versions starting from 16.0 prior to 17.0.6, starting from 17.1 prior to 17.1.4, and starting from 17.2 prior to 17.2.2, which allowed cross project access for Security policy bot...
CVE-2024-6356 Incorrect User Management in GitLab
An issue was discovered in GitLab EE affecting all versions starting from 16.0 prior to 17.0.6, starting from 17.1 prior to 17.1.4, and starting from 17.2 prior to 17.2.2, which allowed cross project access for Security policy bot...
CVE-2024-6356
Removed by vendor...
CVE-2024-6356
CVE-2024-6356 affects GitLab Enterprise Edition (EE) across multiple lines of versions: 16.0 ≤ version < 17.0.6, 17.1 ≤ version < 17.1.4, and 17.2 ≤ version
PT-2025-5687 · Gitlab · Gitlab Ce/Ee
Name of the Vulnerable Software and Affected Versions: GitLab EE versions 16.0 through 17.0.6 GitLab EE versions 17.1 through 17.1.4 GitLab EE versions 17.2 through 17.2.2 Description: An issue was discovered in GitLab EE which allowed cross project access for Security policy bot. Recommendations...
GitLab 16.2 < 16.4.3 / 16.5 < 16.5.3 / 16.6 < 16.6.1 (CVE-2023-5995)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab EE affecting all versions starting from 16.2 before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. It was...
Design/Logic Flaw
An issue has been discovered in GitLab EE affecting all versions starting from 16.2 before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. It was possible for an attacker to abuse the policy bot to gain access to internal projects...
CVE-2023-5995 Incorrect Authorization in GitLab
An issue has been discovered in GitLab EE affecting all versions starting from 16.2 before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. It was possible for an attacker to abuse the policy bot to gain access to internal projects...
CVE-2023-5995
Removed by vendor...
CVE-2023-5995
An issue has been discovered in GitLab EE affecting all versions starting from 16.2 before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. It was possible for an attacker to abuse the policy bot to gain access to internal projects...
PT-2023-32465 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab EE versions 16.2 through 16.4.2 GitLab EE versions 16.5 through 16.5.2 GitLab EE versions 16.6 through 16.6.0 Description: An issue has been discovered in GitLab EE that affects various versions. It was possible for an attacker to abus...
MAL-2022-5405 Malicious code in policy-bot (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware da46f58ff0dfb44c63d922213b2d90d18977a19099a6283dd1f66e96469569b6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...