I made a report and patch at https://hackerone.com/reports/1696752. https://discuss.rubyonrails.org/t/cve-2023-22799-possible-redos-based-dos-vulnerability-in-globalid/82127 > There is a possible D ...
July 27, 2023
GitLab is vulnerable to Denial of Service (DoS). The vulnerability exists due to the lack of length validation of the library, which allows an attacker to create large issue descriptions via GraphQL, ...
July 27, 2023
This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will b ...
July 26, 2023
### Summary CWE-200: Exposure of Sensitive Information to an Unauthorized Actor Access to information you should not have access to when the permissions rely on `$CURRENT_USER` for filtering. ### Deta ...
July 26, 2023
# CVE-2021-4191 - GitLab User Enumeration GitLab is a widely-us...
July 22, 2023
This release of Red Hat Integration - Service Registry 2.4.3 GA includes the following security fixes. Security Fix(es): * keycloak: path traversal via double URL encoding (CVE-2022-3782) * jackson-da ...
July 14, 2023