Page 3 of 23 results (0.008 seconds)

CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0

28 Jan 2025 — An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.0 prior to 17.5.5, from 17.6 prior to 17.6.3, and from 17.7 prior to 17.7.1. Under certain conditions, processing of CI artifacts metadata could cause background jobs to become unresponsive. • https://gitlab.com/gitlab-org/gitlab/-/issues/372134 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •

CVSS: 6.4EPSS: 0%CPEs: 3EXPL: 0

24 Jan 2025 — An issue has been discovered in GitLab CE/EE affecting all versions starting from 17.0 prior to 17.6.4, from 17.7 prior to 17.7.3, and from 17.8 prior to 17.8.1. Under certain conditions, it may have been possible for users with developer role to exfiltrate protected CI variables via CI lint. • https://gitlab.com/gitlab-org/gitlab/-/issues/480901 • CWE-1220: Insufficient Granularity of Access Control •

CVSS: 8.7EPSS: 0%CPEs: 3EXPL: 1

24 Jan 2025 — An issue has been discovered in GitLab CE/EE affecting all versions from 17.2 before 17.6.4, 17.7 before 17.7.3, and 17.8 before 17.8.1. Improper rendering of certain file types lead to cross-site scripting. • https://gitlab.com/gitlab-org/gitlab/-/issues/512118 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •