EUVD-2022-25204

Malicious code in bioql PyPI...

CVE-2022-1935

Incorrect authorization in GitLab EE affecting all versions from 12.0 before 14.9.5, all versions starting from 14.10 before 14.10.4, all versions starting from 15.0 before 15.0.1 allowed an attacker already in possession of a valid Project Trigger Token to misuse it from any location even when I...

CVE-2022-1935

Incorrect authorization in GitLab EE affecting all versions from 12.0 before 14.9.5, all versions starting from 14.10 before 14.10.4, all versions starting from 15.0 before 15.0.1 allowed an attacker already in possession of a valid Project Trigger Token to misuse it from any location even when I...

CVE-2022-1935

Incorrect authorization in GitLab EE affecting all versions from 12.0 before 14.9.5, all versions starting from 14.10 before 14.10.4, all versions starting from 15.0 before 15.0.1 allowed an attacker already in possession of a valid Project Trigger Token to misuse it from any location even when I...

CVE-2022-1935

CVE-2022-1935 is an incorrect authorization vulnerability in GitLab EE where an attacker with a valid Project Trigger Token can misuse it from any location, bypassing IP restrictions. Affected releases include: 12.0–14.9.4; 14.10.0–14.10.3; 15.0.0. Remediation (per sources) is to upgrade to: 14.9...

CVE-2022-1935

Removed by vendor...

CVE-2022-1935

Incorrect authorization in GitLab EE affecting all versions from 12.0 before 14.9.5, all versions starting from 14.10 before 14.10.4, all versions starting from 15.0 before 15.0.1 allowed an attacker already in possession of a valid Project Trigger Token to misuse it from any location even when I...

PT-2022-3034 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab Enterprise Edition versions 12.0 through 14.9.4 GitLab Enterprise Edition versions 14.10.0 through 14.10.3 GitLab Enterprise Edition versions 15.0.0 Description: The issue is related to incorrect authorization in GitLab Enterprise...