18 matches found
EUVD-2020-3858
Malware in sbrugna...
EUVD-2020-3859
Malware in sbrugna...
EUVD-2020-27977
Malware in sbrugna...
BIT-GITLAB-2020-11505
An issue was discovered in GitLab Community Edition CE and Enterprise Edition EE before 12.7.9, 12.8.x before 12.8.9, and 12.9.x before 12.9.3. A Workhorse bypass could lead to NuGet package and file disclosure Exposure of Sensitive Information via request smuggling...
BIT-GITLAB-2020-11506
An issue was discovered in GitLab 10.7.0 and later through 12.9.2. A Workhorse bypass could lead to job artifact uploads and file disclosure Exposure of Sensitive Information via request smuggling...
FreeBSD : Gitlab -- Multiple Vulnerabilities (f7a97d43-c039-11ea-a051-001b217b3468)
Gitlab reports : Workhorse bypass allows files in /tmp to be read via Maven Repository APIs C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database : Copyright 2003-2020 Jacques Vidrine and contributors Redistribution...
Gitlab -- Multiple Vulnerabilities
Gitlab reports: Workhorse bypass allows files in /tmp to be read via Maven Repository APIs...
Gitlab -- Multiple Vulnerabilities
Gitlab reports: Path Traversal in NuGet Package Registry Workhorse Bypass Leads to File Disclosure OAuth Application Client Secrets Revealed Code Owners Approval Rules Are Not Updated for Existing Merge Requests When Source Branch Changes Code Owners Protection Not Enforced from Web UI Repository...
CVE-2020-11506
An issue was discovered in GitLab 10.7.0 and later through 12.9.2. A Workhorse bypass could lead to job artifact uploads and file disclosure Exposure of Sensitive Information via request smuggling...
Design/Logic Flaw
An issue was discovered in GitLab Community Edition CE and Enterprise Edition EE before 12.7.9, 12.8.x before 12.8.9, and 12.9.x before 12.9.3. A Workhorse bypass could lead to NuGet package and file disclosure Exposure of Sensitive Information via request smuggling...
CVE-2020-11505
An issue was discovered in GitLab Community Edition CE and Enterprise Edition EE before 12.7.9, 12.8.x before 12.8.9, and 12.9.x before 12.9.3. A Workhorse bypass could lead to NuGet package and file disclosure Exposure of Sensitive Information via request smuggling...
Arbitrary file deletion
An issue was discovered in GitLab 10.7.0 and later through 12.9.2. A Workhorse bypass could lead to job artifact uploads and file disclosure Exposure of Sensitive Information via request smuggling...
CVE-2020-11506
An issue was discovered in GitLab 10.7.0 and later through 12.9.2. A Workhorse bypass could lead to job artifact uploads and file disclosure Exposure of Sensitive Information via request smuggling...
CVE-2020-11506
CVE-2020-11506 affects GitLab 10.7.0 through 12.9.2. A Workhorse bypass could enable job artifact uploads and disclosure of sensitive information via request smuggling. Subcomponents implicated: GitLab Workhorse; root cause details are not explicitly provided in the included documents beyond the ...
CVE-2020-11505
Removed by vendor...
PT-2020-12653 · Gitlab · Gitlab
Name of the Vulnerable Software and Affected Versions: GitLab versions 10.7.0 through 12.9.2 Description: An issue in GitLab allows a Workhorse bypass, which could lead to job artifact uploads and file disclosure, resulting in the exposure of sensitive information via request smuggling...
Design/Logic Flaw
An issue was discovered in GitLab EE 11.3 and later. A GitLab Workhorse bypass could lead to package and file disclosure via request smuggling...
PT-2020-19252 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab EE versions 11.3 and later Description: An issue was discovered that could lead to a GitLab Workhorse bypass, resulting in package and file disclosure via request smuggling. Recommendations: For GitLab EE versions 11.3 and later, at th...