8 matches found
EUVD-2020-5547
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2020-13297
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. When 2 factor authentication was enabled for groups, a malicious user could...
Linux Distros Unpatched Vulnerability : CVE-2020-13305
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. GitLab was not invalidating project invitation link upon removing a user fr...
Linux Distros Unpatched Vulnerability : CVE-2020-13284
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. API Authorization Using Outdated CI Job Token CVE-2020-13284 Note that Ness...
GitLab Server-Side Request Forgery Vulnerability (CNVD-2020-52182)
GitLab is an open source application developed using Ruby on Rails that implements a self-hosted Git project repository that can be accessed through a web interface for public and private projects. A server-side request forgery vulnerability exists in GitLab versions prior to 13.1.10, 13.2.8, and...
PT-2020-13440 · Gitlab · Gitlab
Name of the Vulnerable Software and Affected Versions: GitLab versions prior to 13.1.10 GitLab versions prior to 13.2.8 GitLab versions prior to 13.3.4 Description: A vulnerability was discovered where the revocation feature was not revoking all session tokens, allowing them to be re-used to obta...
PT-2020-13452 · Gitlab · Gitlab
Name of the Vulnerable Software and Affected Versions: GitLab versions prior to 13.1.10 GitLab versions prior to 13.2.8 GitLab versions prior to 13.3.4 Description: A vulnerability was discovered that makes the Wiki functionality vulnerable to a parser attack, prohibiting access through the user...
PT-2020-13458 · Gitlab · Gitlab
Name of the Vulnerable Software and Affected Versions: GitLab versions prior to 13.1.10 GitLab versions prior to 13.2.8 GitLab versions prior to 13.3.4 Description: A vulnerability was discovered that involves an insufficient check in the GraphQL API. This issue allows a maintainer to delete a...