CVE-2020-13317

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8, and 13.3.4. An insufficient check in the GraphQL api allowed a maintainer to delete a...Read More ...

Continue Reading

May 22, 2025

CVE-2020-13334

In GitLab versions prior to 13.2.10, 13.3.7 and 13.4.2, improper authorization checks allow a non-member of a project/group to change the confidentiality attribute of issue via mutation GraphQL...Read ...

Continue Reading

May 22, 2025

CVE-2020-26136

In SilverStripe through 4.6.0-rc1, GraphQL doesn't honour MFA (multi-factor authentication) when using basic...Read More ...

Continue Reading

May 22, 2025

CVE-2020-10978

GitLab EE/CE 8.11 to 12.9 is leaking information on Issues opened in a public project and then moved to a private project through Web-UI and GraphQL...Read More ...

Continue Reading

May 22, 2025

CVE-2020-13317

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8, and 13.3.4. An insufficient check in the GraphQL api allowed a maintainer to delete a...Read More ...

Continue Reading

May 22, 2025

CVE-2020-15126

In parser-server from version 3.5.0 and before 4.3.0, an authenticated user using the viewer GraphQL query can by pass all read security on his User object and can also by pass all objects linked via ...

Continue Reading

May 22, 2025

CVE-2020-13334

In GitLab versions prior to 13.2.10, 13.3.7 and 13.4.2, improper authorization checks allow a non-member of a project/group to change the confidentiality attribute of issue via mutation GraphQL...Read ...

Continue Reading

May 22, 2025

CVE-2020-26136

In SilverStripe through 4.6.0-rc1, GraphQL doesn't honour MFA (multi-factor authentication) when using basic...Read More ...

Continue Reading

May 22, 2025

1 157 158 159 160 161 403

Back to Main
Subscribe for the latest news: