14 matches found
CVE-2026-40600
Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. In version 4.9.0, Chartbrew allows authenticated users with access to one project to update or delete a SharePolicy record that belongs to a different project. The affect...
EUVD-2020-5551
Malware in sbrugna...
CVE-2020-13291
In GitLab before 13.2.3, project sharing could temporarily allow too permissive access...
Directus 安全漏洞
Directus is a real-time Api and application dashboard open-sourced by Directus. It is used to manage Sql database content. A security vulnerability exists in Directus versions prior to 11.2.0 that stems from the ability of a user to specify arbitrary roles when sharing a project, resulting in a...
GitLab 13.2 < 13.2.3 (CVE-2020-13291)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - In GitLab before 13.2.3, project sharing could temporarily allow too permissive access. CVE-2020-13291 Note that Nessus has not tested for this issue but has instead relied only on the application's...
BIT-GITLAB-2020-13291
In GitLab before 13.2.3, project sharing could temporarily allow too permissive access...
CVE-2024-23901
Jenkins GitLab Branch Source Plugin 684.veafa7c1e2fe3 and earlier unconditionally discovers projects that are shared with the configured owner group, allowing attackers to configure and share a project, resulting in a crafted Pipeline being built by Jenkins during the next scan of the group...
Semrush: Improper input validation in projects leads to fully deny access to project resources
INTRODUCTION Accounts used to search for this vulnerability: - id: █████████ email:███ - id: █████████ email: █████████ Most of the requests made to test the vulnerability were made with the "X-hackerone: adam" header IP used: ████ / ███ Endpoint URL:...
CVE-2020-13291
In GitLab before 13.2.3, project sharing could temporarily allow too permissive access...
CVE-2020-13291
In GitLab before 13.2.3, project sharing could temporarily allow too permissive access...
Design/Logic Flaw
In GitLab before 13.2.3, project sharing could temporarily allow too permissive access...
CVE-2020-13291
In GitLab before 13.2.3, project sharing could temporarily allow too permissive access...
CVE-2020-13291
In GitLab before 13.2.3, project sharing could temporarily allow too permissive access...
CVE-2020-13291
GitLab CVE-2020-13291 affects GitLab prior to version 13.2.3. The issue enables project sharing to temporarily grant overly permissive access, constituting a privilege/authorization flaw in the sharing logic. The vulnerability is tied to GitLab’s project sharing feature and the root cause is desc...