BIT-gitlab-2021-39871

In all versions of GitLab CE/EE since version 13.0, an instance that has the setting to disable Bitbucket Server import enabled is bypassed by an attacker making a crafted API...

BIT-gitlab-2021-39870

In all versions of GitLab CE/EE since version 11.11, an instance that has the setting to disable Repo by URL import enabled is bypassed by an attacker making a crafted API...

BIT-gitlab-2021-22261

A stored Cross-Site Scripting vulnerability in the Jira integration in all GitLab versions starting from 13.9 before 14.0.9, all versions starting from 14.1 before 14.1.4, and all versions starting fr ...

BIT-gitlab-2021-22259

A potential DOS vulnerability was discovered in GitLab EE starting with version 12.6 due to lack of pagination in dependencies...

BIT-gitlab-2021-22224

A cross-site request forgery vulnerability in the GraphQL API in GitLab since version 13.12 and before versions 13.12.6 and 14.0.2 allowed an attacker to call mutations as the...

BIT-gitlab-2021-22210

An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.2. When querying the repository branches through API, GitLab was ignoring a query parameter and returning a conside ...

BIT-gitlab-2021-22202

An issue has been discovered in GitLab CE/EE affecting all previous versions. If the victim is an admin, it was possible to issue a CSRF in System hooks through the...

BIT-tensorflow-2021-29519

TensorFlow is an end-to-end open source platform for machine learning. The API of tf.raw_ops.SparseCross allows combinations which would result in a CHECK-failure and denial of service. This is becaus ...
