Page 56 of 445 results (0.010 seconds)

CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0

An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 5.1 through 12.6.1. It has Incorrect Access Control. Se descubrió un problema en GitLab Community Edition (CE) and Enterprise Edition (EE) versiones 5.1 hasta la versión 12.6.1. Tiene un Control de Acceso Incorrecto. • https://about.gitlab.com/blog/categories/releases https://about.gitlab.com/releases/2020/01/02/security-release-gitlab-12-6-2-released • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0

An issue was discovered in GitLab Enterprise Edition (EE) 8.9.0 through 12.6.1. Using the project import feature, it was possible for someone to obtain issues from private projects. Se descubrió un problema en GitLab Enterprise Edition (EE) versiones 8.9.0 hasta la versión 12.6.1. Usando la funcionalidad de importación de proyectos, fue posible que alguien obtuviera problemas a partir de proyectos privados. • https://about.gitlab.com/blog/categories/releases https://about.gitlab.com/releases/2020/01/13/critical-security-release-gitlab-12-dot-6-dot-4-released •

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0

GitLab EE 8.4 through 12.5, 12.4.3, and 12.3.6 stored several tokens in plaintext. GitLab EE versiones 8.4 hasta 12.5, 12.4.3 y 12.3.6, almacenaron varios tokens en texto plano. • https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released https://about.gitlab.com/blog/categories/releases https://gitlab.com/gitlab-org/gitlab/issues/32381 • CWE-312: Cleartext Storage of Sensitive Information •

CVSS: 5.8EPSS: 0%CPEs: 3EXPL: 0

GitLab EE 8.14 through 12.5, 12.4.3, and 12.3.6 has Incorrect Access Control. After a project changed to private, previously forked repositories were still able to get information about the private project through the API. GitLab EE versiones 8.14 hasta las versiones 12.5, 12.4.3 y 12.3.6, tiene un Control de Acceso Incorrecto. Después de que un proyecto cambió a privado, los repositorios previamente bifurcados podían aún ser capaces de obtener información sobre el proyecto privado mediante la API. • https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released https://about.gitlab.com/blog/categories/releases https://gitlab.com/gitlab-org/gitlab/issues/28802 •

CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0

GitLab Enterprise Edition (EE) 9.0 and later through 12.5 allows Information Disclosure. GitLab Enterprise Edition (EE) versiones 9.0 y posteriores hasta la versión 12.5, permite una Divulgación de Información. • https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released https://about.gitlab.com/blog/categories/releases • CWE-522: Insufficiently Protected Credentials •