9 matches found
BIT-GITLAB-2022-3758
An issue has been discovered in GitLab affecting all versions starting from 15.5 before 15.7.8, all versions starting from 15.8 before 15.8.4, all versions starting from 15.9 before 15.9.2. Due to improper permissions checks an unauthorised user was able to read, add or edit a users private snipp...
Authorization Bypass
phpLiteAdmin is vulnerable to Authorization Bypasses. Due to improper permissions checks an authenticated attacker is able to perform unauthorized operations such as read, add or edit a user's private snippet...
CVE-2022-3758
An issue has been discovered in GitLab affecting all versions starting from 15.5 before 15.7.8, all versions starting from 15.8 before 15.8.4, all versions starting from 15.9 before 15.9.2. Due to improper permissions checks an unauthorised user was able to read, add or edit a users private snipp...
CVE-2022-3758
CVE-2022-3758 affects GitLab releases with multiple version ranges: 15.5–15.7.7, 15.8–15.8.3, and 15.9–15.9.1. The issue stems from improper permissions checks that allow an unauthorised user to read, add or edit a user’s private snippet. The impact is limited to read/edit exposure of private sni...
CVE-2022-3758
An issue has been discovered in GitLab affecting all versions starting from 15.5 before 15.7.8, all versions starting from 15.8 before 15.8.4, all versions starting from 15.9 before 15.9.2. Due to improper permissions checks an unauthorised user was able to read, add or edit a users private snipp...
CVE-2022-3758
Removed by vendor...
CVE-2019-13001
An issue was discovered in GitLab Community and Enterprise Edition 11.9 and later through 12.0.2. GitLab Snippets were vulnerable to an authorization issue that allowed unauthorized users to add comments to a private snippet. It allows authentication bypass...
FreeBSD : Gitlab -- Multiple Vulnerabilities (4ea507d1-9da8-11e9-a759-001b217b3468)
Gitlab reports : Ability to Write a Note to a Private Snippet Recent Pipeline Information Disclosed to Unauthorised Users Resource Exhaustion Attack Error Caused by Encoded Characters in Comments Authorization Issues in GraphQL Number of Merge Requests was Accessible Enabling One of the Service...
Gitlab -- Multiple Vulnerabilities
Gitlab reports: Ability to Write a Note to a Private Snippet Recent Pipeline Information Disclosed to Unauthorised Users Resource Exhaustion Attack Error Caused by Encoded Characters in Comments Authorization Issues in GraphQL Number of Merge Requests was Accessible Enabling One of the Service...