8 matches found
EUVD-2023-44168
Malicious code in bioql PyPI...
CVE-2023-3509
An issue has been discovered in GitLab affecting all versions before 16.7.6, all versions starting from 16.8 before 16.8.3, all versions starting from 16.9 before 16.9.1. It was possible for group members with sub-maintainer role to change the title of privately accessible deploy keys associated...
CVE-2023-3509
An issue has been discovered in GitLab affecting all versions before 16.7.6, all versions starting from 16.8 before 16.8.3, all versions starting from 16.9 before 16.9.1. It was possible for group members with sub-maintainer role to change the title of privately accessible deploy keys associated...
CVE-2023-3509
Removed by vendor...
CVE-2023-3509
CVE-2023-3509 affects GitLab across versions: before 16.7.6, 16.8 before 16.8.3, and 16.9 before 16.9.1. The issue allows group members with sub-maintainer rights to rename privately accessible deploy keys associated with projects within the group. Mitigations are published by GitLab in fixed rel...
GitLab Access Control Error Vulnerability
GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD continuous integration and continuous delivery, and other features. GitLab suffers from an Access Control Error vulnerability that stems from a...
Gitlab -- Vulnerabilities
Gitlab reports: Stored-XSS in user's profile page User with "admingroupmembers" permission can invite other groups to gain owner access ReDoS issue in the Codeowners reference extractor LDAP user can reset password using secondary email and login using direct authentication Bypassing group ip...
PT-2023-8702 · Gitlab · Gitlab
Name of the Vulnerable Software and Affected Versions: GitLab versions prior to 16.7.6 GitLab versions 16.8 through 16.8.2 GitLab versions 16.9 through 16.9.0 Description: An issue has been discovered in GitLab that allows group members with a sub-maintainer role to change the title of privately...