CVE-2023-4379
An issue has been discovered in GitLab EE affecting all versions starting from 15.3 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1. Code owner approval was not removed from merge requests when the target branch was updated...
BIT-GITLAB-2023-4379 Incorrect Authorization in GitLab
An issue has been discovered in GitLab EE affecting all versions starting from 15.3 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1. Code owner approval was not removed from merge requests when the target branch was updated...
CVE-2023-4379
An issue has been discovered in GitLab EE affecting all versions starting from 15.3 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1. Code owner approval was not removed from merge requests when the target branch was updated...
CVE-2023-4379 Incorrect Authorization in GitLab
An issue has been discovered in GitLab EE affecting all versions starting from 15.3 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1. Code owner approval was not removed from merge requests when the target branch was updated...
CVE-2023-4379
Removed by vendor...
GitLab Enterprise Edition Security Vulnerability
GitLab Enterprise Edition (EE) is a content management system from the US-based GitLab, Inc. A security vulnerability exists in GitLab Enterprise Edition that stems from a security hole when updating a target branch. Affected products and versions: GitLab EE versions from 15.3 prior to 16.2.8, 16.3...
PT-2023-5678 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab EE versions 15.3 through 16.2.7; GitLab EE versions 16.3 through 16.3.4; GitLab EE versions 16.4 through 16.4.0. Description: An issue has been discovered in GitLab EE related to insufficient access control. The issue allows a remote...
Denial Of Service (DoS)
GitLab is vulnerable to Denial of Service (DoS). The vulnerability exists due to an infinite loop when an authenticated user with specific rights accesses an MR whose source and target branches point to each other, leading to a crash of the application...
Code injection
An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed commit smuggling by displaying an incorrect diff. To do so, an attacker would need write access to the repository and be able to correctly guess the target branch before it’s created by the code...
PT-2023-19187 · Github · Github Enterprise Server
Name of the Vulnerable Software and Affected Versions: GitHub Enterprise Server versions prior to 3.9. Description: An incorrect comparison issue was identified in GitHub Enterprise Server, allowing commit smuggling by displaying an incorrect diff. An attacker would need write access to the...
CVE-2021-22197
An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.6 where an infinite loop exists when an authenticated user with specific rights accesses an MR having source and target branch pointing to each other...
CVE-2021-22197
An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.6 where an infinite loop exists when an authenticated user with specific rights accesses an MR having source and target branch pointing to each other...
Design/Logic Flaw
An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.6 where an infinite loop exists when an authenticated user with specific rights accesses an MR having source and target branch pointing to each other...
CVE-2021-22197
An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.6 where an infinite loop exists when an authenticated user with specific rights accesses an MR having source and target branch pointing to each other...
CVE-2021-22197
Removed by vendor...