CVE-2024-34152 Playbook Run Metadata leak to Guest

Mattermost versions 9.5.x <= 9.5.3, 9.6.x <= 9.6.1 and 8.1.x <= 8.1.12 fail to perform proper access control which allows a guest to get the metadata of a public playbook run tha ...

Continue Reading
CVE-2024-34152

Mattermost versions 9.5.x <= 9.5.3, 9.6.x <= 9.6.1 and 8.1.x <= 8.1.12 fail to perform proper access control which allows a guest to get the metadata of a public playbook run tha ...

Continue Reading
GitLab 13.4 < 13.4.7 / 13.5 < 13.5.5 / 13.6 < 13.6.2 (CVE-2020-26413)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.4 before 13.6.2. ...

Continue Reading
GitLab 13.3 < 13.3.9 / 13.4 < 13.4.5 / 13.5 < 13.5.2 (CVE-2020-26406)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: Certain SAST CiConfiguration information could be viewed by unauthorized users in GitLab EE starting wit ...

Continue Reading
GitLab 12.2 < 13.4.7 / 13.5 < 13.5.5 / 13.6 < 13.6.2 (CVE-2020-26415)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: Information about the starred projects for private user profiles was exposed via the GraphQL API startin ...

Continue Reading
GitLab 8.6 < 13.2.10 / 13.3.0 < 13.3.7 / 13.4.0 < 13.4.2 (CVE-2020-13334)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: In GitLab versions prior to 13.2.10, 13.3.7 and 13.4.2, improper authorization checks allow a non-member ...

Continue Reading
GitLab 13.1 < 13.4.7 / 13.5 < 13.5.5 / 13.6 < 13.6.2 (CVE-2020-26417)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: Information disclosure via GraphQL in GitLab CE/EE 13.1 and later exposes private group and project ...

Continue Reading
GitLab 13.12 < 13.12.6 / 14.0 < 14.0.2 (CVE-2021-22224)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: A cross-site request forgery vulnerability in the GraphQL API in GitLab since version 13.12 and before ...

Continue Reading

Back to Main

Subscribe for the latest news: