Directory Traversal Vulnerability in GitLab CE/EE

GitLab is an open source application developed using Ruby on Rails that implements a self-hosted Git project repository that can be accessed through a web interface for public and private projects.GitLab EE is the GitLab Enterprise Edition and GitLab CE is the GitLab Community Edition. GitLab CE/...

ALPINE-CVE-2022-24786

PJSIP is a free and open source multimedia communication library written in C. PJSIP versions 2.12 and prior do not parse incoming RTCP feedback RPSI Reference Picture Selection Indication packet, but any app that directly uses pjmediartcpfbparserpsi will be affected. A patch is available in the...

GitLab Access Control Error Vulnerability (CNVD-2021-91187)

GitLab is a self-hosted, Git version control system project repository application developed using Ruby on Rails by GitLab, Inc. The application can be used to access a project's file content, commit history, bug list, etc. An access control error vulnerability exists in GitLab CE/EE, which stems...

GitLab Access Control Error Vulnerability (CNVD-2021-91178)

GitLab is a self-hosted, Git version control system project repository application developed in Ruby on Rails by GitLab, Inc. The application can be used to access a project's file content, commit history, bug list, etc. An access control error vulnerability exists in GitLab CE/EE, which can be...

GitLab Information Disclosure Vulnerability (CNVD-2021-91179)

GitLab is a self-hosted Git version control system project repository application developed in Ruby on Rails by GitLab, Inc. GitLab CE/EE is vulnerable to an information disclosure vulnerability that stems from the fact that project exports can reveal external webhook token values, which can be...

GitLab has an unspecified vulnerability (CNVD-2021-66915)

GitLab is a self-hosted, Git version control system project repository application developed in Ruby on Rails by GitLab, Inc. The application can be used to access a project's file content, commit history, bug list, etc. A security vulnerability exists in Gitlab, which stems from the product's la...

GitLab Cross-Site Scripting Vulnerability (CNVD-2021-48916)

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A security vulnerability exists in GitLab, which stems fr...

GitLab 跨站脚本漏洞

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A security vulnerability exists in GitLab, which stems fr...

GitLab访问控制错误漏洞

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. An Access Control Error vulnerability exists in GitLab...

GitLab Resource Management Error Vulnerability (CNVD-2021-40765)

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. GitLab suffers from a Resource Management Error...

Unspecified Vulnerability in GitLab

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A security vulnerability exists in GitLab Enterprise...

envoy/header_map_impl_fuzz_test: Heap-buffer-overflow in Envoy::Http::HeaderString::setCopy

Project: https://github.com/envoyproxy/envoy.git Detailed report: https://oss-fuzz.com/testcase?key=5182326490791936 Project: envoy Fuzzer: libFuzzerenvoyheadermapimplfuzztest Fuzz target binary: headermapimplfuzztest Job Type: libfuzzerasanenvoy Platform Id: linux Crash Type: Heap-buffer-overflo...

gdal: Heap-buffer-overflow in CEOSScanInt

Project: https://github.com/OSGeo/gdal.git Detailed report: https://oss-fuzz.com/testcase?key=5665094518177792 Project: gdal Fuzzer: libFuzzergdalfuzzer Fuzz target binary: gdalfuzzer Job Type: libfuzzerasangdal Platform Id: linux Crash Type: Heap-buffer-overflow READ 1 Crash Address:...