NotCVE - vendor:"GitLab" product:"GitLab" version:"

Page 108 of 1099 results (0.013 seconds)

CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0

CVE-2017-0922

https://notcve.org/view.php?id=CVE-2017-0922

21 Mar 2018 — Gitlab Enterprise Edition version 10.3 is vulnerable to an authorization bypass issue in the GitLab Projects::BoardsController component resulting in an information disclosure on any board object. Gitlab Enterprise Edition 10.3 es vulnerable a un problema de omisión de autenticación en el componente GitLab Projects::BoardsController que resulta en la divulgación de información en cualquier objeto board. • https://about.gitlab.com/2018/01/16/gitlab-10-dot-3-dot-4-released • CWE-639: Authorization Bypass Through User-Controlled Key CWE-863: Incorrect Authorization •

CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0

CVE-2017-0914

https://notcve.org/view.php?id=CVE-2017-0914

21 Mar 2018 — Gitlab Community and Enterprise Editions version 10.1, 10.2, and 10.2.4 are vulnerable to a SQL injection in the MilestoneFinder component resulting in disclosure of all data in a GitLab instance's database. Las ediciones Community y Enterprise de Gitlab, en sus versiones 10.1, 10.2 y 10.2.4, son vulnerables a una inyección SQL en el componente MilestoneFinder que resulta en la divulgación de todos los datos en la base de datos de una instancia de Gitlab. • https://about.gitlab.com/2018/01/16/gitlab-10-dot-3-dot-4-released • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 6.1EPSS: 0%CPEs: 8EXPL: 0

CVE-2017-0924

https://notcve.org/view.php?id=CVE-2017-0924

21 Mar 2018 — Gitlab Community Edition version 10.2.4 is vulnerable to lack of input validation in the labels component resulting in persistent cross site scripting. Gitlab Community Edition 10.2.4 es vulnerable a una falta de validación de entradas en el componente labels que resulta en Cross-Site Scripting (XSS) persistente. • https://about.gitlab.com/2018/01/16/gitlab-10-dot-3-dot-4-released • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 8EXPL: 0

CVE-2017-0923

https://notcve.org/view.php?id=CVE-2017-0923

21 Mar 2018 — Gitlab Community Edition version 9.1 is vulnerable to lack of input validation in the IPython notebooks component resulting in persistent cross site scripting. Gitlab Community Edition 9.1 es vulnerable a una falta de validación de entradas en el componente IPython notebooks que resulta en Cross-Site Scripting (XSS) persistente. • https://about.gitlab.com/2018/01/16/gitlab-10-dot-3-dot-4-released • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0

CVE-2017-0927

https://notcve.org/view.php?id=CVE-2017-0927

21 Mar 2018 — Gitlab Community Edition version 10.3 is vulnerable to an improper authorization issue in the deployment keys component resulting in unauthorized use of deployment keys by guest users. Gitlab Community Edition 10.3 es vulnerable a un problema de autorización incorrecta en el componente deployment keys que resulta en el uso no autorizado de claves de implementación por parte de usuarios invitados. • https://about.gitlab.com/2018/01/16/gitlab-10-dot-3-dot-4-released • CWE-285: Improper Authorization CWE-863: Incorrect Authorization •

CVSS: 9.8EPSS: 3%CPEs: 9EXPL: 0

CVE-2017-0915 – Debian Security Advisory 4145-1

https://notcve.org/view.php?id=CVE-2017-0915

18 Mar 2018 — Gitlab Community Edition version 10.2.4 is vulnerable to a lack of input validation in the GitlabProjectsImportService resulting in remote code execution. Gitlab Community Edition 10.2.4 es vulnerable a una falta de validación de entradas en GitlabProjectsImportService que resulta en la ejecución remota de código. Several vulnerabilities have been discovered in Gitlab, a software platform to collaborate on code. • https://about.gitlab.com/2018/01/16/gitlab-10-dot-3-dot-4-released • CWE-20: Improper Input Validation CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •

CVSS: 8.8EPSS: 0%CPEs: 9EXPL: 0

CVE-2017-0918 – Debian Security Advisory 4145-1

https://notcve.org/view.php?id=CVE-2017-0918

18 Mar 2018 — Gitlab Community Edition version 10.3 is vulnerable to a path traversal issue in the GitLab CI runner component resulting in remote code execution. Gitlab Community Edition 10.3 es vulnerable a un problema de salto de directorio en el componente GitLab CI runner que resulta en la ejecución remota de código. Several vulnerabilities have been discovered in Gitlab, a software platform to collaborate on code. • https://about.gitlab.com/2018/01/16/gitlab-10-dot-3-dot-4-released • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-23: Relative Path Traversal •

CVSS: 6.1EPSS: 0%CPEs: 7EXPL: 0

CVE-2017-0917 – Debian Security Advisory 4145-1

https://notcve.org/view.php?id=CVE-2017-0917

18 Mar 2018 — Gitlab Community Edition version 10.2.4 is vulnerable to lack of input validation in the CI job component resulting in persistent cross site scripting. Gitlab Community Edition 10.2.4 es vulnerable a una falta de validación de entradas en el componente de trabajo CI que resulta en Cross-Site Scripting (XSS) persistente. Several vulnerabilities have been discovered in Gitlab, a software platform to collaborate on code. • https://about.gitlab.com/2018/01/16/gitlab-10-dot-3-dot-4-released • CWE-20: Improper Input Validation CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.8EPSS: 4%CPEs: 9EXPL: 0

CVE-2018-3710 – Debian Security Advisory 4145-1

https://notcve.org/view.php?id=CVE-2018-3710

18 Mar 2018 — Gitlab Community and Enterprise Editions version 10.3.3 is vulnerable to an Insecure Temporary File in the project import component resulting remote code execution. Las ediciones Community y Enterprise de Gitlab, en su versión 10.3.3, son vulnerables a un archivo temporal inseguro en el componente de importación de proyectos, lo que resulta en una ejecución remota de código. Several vulnerabilities have been discovered in Gitlab, a software platform to collaborate on code. • https://about.gitlab.com/2018/01/16/gitlab-10-dot-3-dot-4-released • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-377: Insecure Temporary File •

CVSS: 7.2EPSS: 0%CPEs: 9EXPL: 0

CVE-2017-0925 – Debian Security Advisory 4145-1

https://notcve.org/view.php?id=CVE-2017-0925

18 Mar 2018 — Gitlab Enterprise Edition version 10.1.0 is vulnerable to an insufficiently protected credential issue in the project service integration API endpoint resulting in an information disclosure of plaintext password. Gitlab Enterprise Edition 10.1.0 es vulnerable a un problema de credenciales protegidas de forma insuficiente en el endpoint de API de proyecto de integración de servicio que resulta en la divulgación de información de contraseñas en texto plano. Several vulnerabilities have been discovered in Gitl... • https://about.gitlab.com/2018/01/16/gitlab-10-dot-3-dot-4-released • CWE-319: Cleartext Transmission of Sensitive Information CWE-522: Insufficiently Protected Credentials •

1...106 107 108 109 110