EUVD-2022-51416

Malicious code in bioql PyPI...

GitLab 13.11 < 15.5.7 / 15.6 < 15.6.4 / 15.7 < 15.7.2 (CVE-2022-4167)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Incorrect Authorization check affecting all versions of GitLab EE from 13.11 prior to 15.5.7, 15.6 prior to 15.6.4, and 15.7 prior to 15.7.2 allows group access tokens to continue working even after t...

Input validation

An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 15.5.7, all versions starting from 15.6 before 15.6.4, all versions starting from 15.7 before 15.7.2. Due to the improper filtering of query parameters in the wiki changes page, an attacker can execute...

CVE-2022-3573

CVE-2022-3573 affects GitLab CE/EE, with versions 15.4 up to before 15.5.7; 15.6 before 15.6.4; and 15.7 before 15.7.2. The issue stems from improper filtering of query parameters on the wiki changes page, allowing an attacker to execute arbitrary JavaScript on self-hosted instances that do not e...

PT-2023-13439 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 6.6 through 15.5.7 GitLab CE/EE versions 15.6 through 15.6.4 GitLab CE/EE versions 15.7 through 15.7.2 Description: An issue has been discovered in GitLab CE/EE that affects various versions. The problem is related to a...