Page 138 of 1017 results (0.005 seconds)

CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0

GitLab 12.2 through 12.8.1 allows Denial of Service. A denial of service vulnerability impacting the designs for public issues was discovered. GitLab versiones 12.2 hasta 12.8.1, permite una Denegación de Servicio. Una vulnerabilidad de denegación de servicio impacta los diseños para problemas públicos que fueron detectados. • https://about.gitlab.com/releases/2020/03/04/gitlab-12-dot-8-dot-2-released https://about.gitlab.com/releases/2020/03/04/gitlab-12-dot-8-dot-2-released/index.html •

CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 0

GitLab 12.7 through 12.8.1 has Insecure Permissions. Under certain conditions involving groups, project authorization changes were not being applied. GitLab versiones 12.7 hasta 12.8.1, presenta Permisos No Seguros. Bajo determinadas condiciones que involucran a los grupos, no están siendo aplicados los cambios de autorización de proyectos. • https://about.gitlab.com/releases/2020/03/04/gitlab-12-dot-8-dot-2-released https://about.gitlab.com/releases/2020/03/04/gitlab-12-dot-8-dot-2-released/index.html • CWE-281: Improper Preservation of Permissions •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

GitLab EE 11.6 through 12.8.1 allows Information Disclosure. Sending a specially crafted request to the vulnerability_feedback endpoint could result in the exposure of a private project namespace GitLab EE versiones 11.6 hasta 12.8.1, permite una Divulgación de Información. Enviar una petición especialmente diseñada hacia el endpoint vulnerability_feedback podría resultar en una exposición de un espacio de nombres de un proyecto privado • https://about.gitlab.com/releases/2020/03/04/gitlab-12-dot-8-dot-2-released https://about.gitlab.com/releases/2020/03/04/gitlab-12-dot-8-dot-2-released/index.html •

CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0

GitLab 12.3.5 through 12.8.1 allows Information Disclosure. A particular view was exposing merge private merge request titles. GitLab versiones 12.3.5 hasta 12.8.1, permite una Divulgación de Información. Una vista en particular estaba exponiendo los títulos de peticiones de fusión privadas. • https://about.gitlab.com/releases/2020/03/04/gitlab-12-dot-8-dot-2-released https://about.gitlab.com/releases/2020/03/04/gitlab-12-dot-8-dot-2-released/index.html •

CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0

GitLab 10.4 through 12.8.1 allows Directory Traversal. A particular endpoint was vulnerable to a directory traversal vulnerability, leading to arbitrary file read. GitLab versiones 10.4 hasta 12.8.1, permite un Salto de Directorio. Un endpoint en particular era susceptible a una vulnerabilidad de Salto de Directorio, conllevando a una lectura de archivos arbitraria. • https://about.gitlab.com/releases/2020/03/04/gitlab-12-dot-8-dot-2-released https://about.gitlab.com/releases/2020/03/04/gitlab-12-dot-8-dot-2-released/index.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •