GitLab 12.6 < 13.1.10 / 13.2 < 13.2.8 / 13.3 < 13.3.4 (CVE-2020-13317)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8, and 13.3.4. An insufficient ...

Continue Reading
GitLab < 13.11.6 (CVE-2021-22228)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: An issue has been discovered in GitLab affecting all versions before 13.11.6, all versions starting from ...

Continue Reading
Race Condition was identified in GitHub Enterprise Server that allowed maintaining admin permissions

A race condition in GitHub Enterprise Server allowed an existing admin to maintain permissions on a detached repository by making a GraphQL mutation to alter repository permissions while the repositor ...

Continue Reading
Incorrect Authorization in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.7 before 16.9.6, all versions starting from 16.10 before 16.10.4, all versions starting from 16.11 before 16.11.1 w ...

Continue Reading
GitLab 16.7 < 16.9.6 / 16.10 < 16.10.4 / 16.11 < 16.11.1 (CVE-2024-4006)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.7 before 16.9.6, al ...

Continue Reading
RHEL 8 : Satellite 6.13 Release (Important) (RHSA-2023:2097)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:2097 advisory. jackson-databind: Possible DoS if using J ...

Continue Reading
nautobot has reflected Cross-site Scripting potential in all object list views

Impact It was discovered that due to improper handling and escaping of user-provided query parameters, a maliciously crafted Nautobot URL could potentially be used to execute a Reflected Cross-Site Sc ...

Continue Reading
nautobot has reflected Cross-site Scripting potential in all object list views

Impact It was discovered that due to improper handling and escaping of user-provided query parameters, a maliciously crafted Nautobot URL could potentially be used to execute a Reflected Cross-Site Sc ...

Continue Reading

Back to Main

Subscribe for the latest news: