NotCVE - vendor:"GitLab" product:"GitLab" version:" >= 15.10.0

Page 31 of 305 results (0.006 seconds)

CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0

CVE-2023-1787

https://notcve.org/view.php?id=CVE-2023-1787

05 Apr 2023 — An issue has been discovered in GitLab affecting all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1. A search timeout could be triggered if a specific HTML payload was used in the issue description. • https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-1787.json •

CVSS: 4.3EPSS: 0%CPEs: 6EXPL: 0

CVE-2023-1071

https://notcve.org/view.php?id=CVE-2023-1071

05 Apr 2023 — An issue has been discovered in GitLab affecting all versions from 15.5 before 15.8.5, all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1. Due to improper permissions checks it was possible for an unauthorised user to remove an issue from an epic. • https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-1071.json • CWE-863: Incorrect Authorization •

CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0

CVE-2023-0838

https://notcve.org/view.php?id=CVE-2023-0838

05 Apr 2023 — An issue has been discovered in GitLab affecting versions starting from 15.1 before 15.8.5, 15.9 before 15.9.4, and 15.10 before 15.10.1. A maintainer could modify a webhook URL to leak masked webhook secrets by adding a new parameter to the url. This addresses an incomplete fix for CVE-2022-4342. • https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0838.json • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0

CVE-2023-1167

https://notcve.org/view.php?id=CVE-2023-1167

05 Apr 2023 — Improper authorization in Gitlab EE affecting all versions from 12.3.0 before 15.8.5, all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1 allows an unauthorized access to security reports in MR. • https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-1167.json • CWE-862: Missing Authorization •

CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0

CVE-2023-1733

https://notcve.org/view.php?id=CVE-2023-1733

05 Apr 2023 — A denial of service condition exists in the Prometheus server bundled with GitLab affecting all versions from 11.10 to 15.8.5, 15.9 to 15.9.4 and 15.10 to 15.10.1. • https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-1733.json •

1...29 30 31