Insufficient permission checks in scheduled pipeline API in GitLab CE/EE 13.0+ allow an attacker to read variable names and values for scheduled pipelines on projects visible to the attacker. Affecte ...
February 01, 2024
A vulnerability was discovered in GitLab versions prior to 13.1. Under certain conditions the private activity of a user could be exposed via the...
February 01, 2024
Membership changes are not reflected in ToDo subscriptions in GitLab versions prior to 13.2.10, 13.3.7 and 13.4.2, allowing guest users to access confidential issues through...
February 01, 2024
A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. API Authorization Using Outdated CI Job...
February 01, 2024
A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8, and 13.3.4. An insufficient check in the GraphQL API allowed a maintainer to delete a repository.
February 01, 2024
A Stored Cross-Site Scripting vulnerability allowed the execution of arbitrary JavaScript code in the blobs API in all previous GitLab CE/EE versions through...
February 01, 2024
A potential DoS vulnerability was discovered in GitLab versions 13.1, 13.2 and 13.3. The API to update an asset as a link from a release had a regex check which caused an exponential number of backtracks ...
February 01, 2024