Lucene search
K

4 matches found

CVE
CVE
added 2025/07/30 7:59 p.m.32 views

CVE-2025-54583

GitProxy (finos/git-proxy) vulnerability CVE-2025-54583 affects version 1.19.1 and earlier; 1.19.2 fixes the issue. The flaw allows pushing to a remote repository while bypassing policy checks and explicit approvals when multiple branches are pushed, enabling code that should be blocked (e.g., se...

8.3CVSS6.7AI score0.00436EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2025/02/17 7:10 p.m.12 views

BIT-GITLAB-2025-1042 Files or Directories Accessible to External Parties in GitLab

An insecure direct object reference vulnerability in GitLab EE affecting all versions from 15.7 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 allows an attacker to view repositories in an unauthorized way...

7.5CVSS4.8AI score0.0042EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/02/12 12:0 a.m.7 views

GitLab Enterprise Edition 安全漏洞

GitLab Enterprise Edition EE is a content management system from GitLab, Inc. in the United States. A security vulnerability exists in GitLab Enterprise Edition that stems from an insecure direct object reference that results in unauthorized repository access...

7.5CVSS6.2AI score0.0042EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/16 9:26 p.m.33 views

CVE-2024-5566 Improper Privilege Management allows for access to unauthorized repository content during migration

An improper privilege management vulnerability allowed users to migrate private repositories without having appropriate scopes defined on the related Personal Access Token. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.14 and was fixed in version 3.13.1, 3.12.6,...

5.8CVSS0.00476EPSS
Exploits0References5
Rows per page
Query Builder