Page 81 of 701 results (0.006 seconds)

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

GitLab 8.11 through 12.8.1 allows a Denial of Service when using several features to recursively request eachother, GitLab versiones 8.11 hasta 12.8.1, permite una Denegación de Servicio cuando se usan varias funcionalidades para una petición eachother de forma recursiva. • https://about.gitlab.com/releases/2020/03/04/gitlab-12-dot-8-dot-2-released https://about.gitlab.com/releases/2020/03/04/gitlab-12-dot-8-dot-2-released/index.html • CWE-674: Uncontrolled Recursion •

CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0

GitLab 11.7 through 12.8.1 allows Information Disclosure. Under certain group conditions, group epic information was unintentionally being disclosed. GitLab versiones anteriores a 11.7 hasta 12.8.1, permite una Divulgación de Información. Bajo determinadas condiciones grupales, la información del epic del grupo se revelaba involuntariamente. • https://about.gitlab.com/releases/2020/03/04/gitlab-12-dot-8-dot-2-released https://about.gitlab.com/releases/2020/03/04/gitlab-12-dot-8-dot-2-released/index.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0

GitLab 9.3 through 12.8.1 allows XSS. A cross-site scripting vulnerability was found when viewing particular file types. GitLab versiones anteriores a 9.3 hasta 12.8.1, permite un ataque de tipo XSS. Se encontró una vulnerabilidad de tipo cross-site scripting en una vista particular relacionada con la integración de Grafana. • https://about.gitlab.com/releases/2020/03/04/gitlab-12-dot-8-dot-2-released https://about.gitlab.com/releases/2020/03/04/gitlab-12-dot-8-dot-2-released/index.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0

GitLab 12.1 through 12.8.1 allows XSS. A cross-site scripting vulnerability was present in a particular view relating to the Grafana integration. GitLab versiones 12.1 hasta 12.8.1, permite un ataque de tipo XSS. Una vulnerabilidad de tipo cross-site scripting estaba presente en una vista particular relacionada con la integración de Grafana. • https://about.gitlab.com/releases/2020/03/04/gitlab-12-dot-8-dot-2-released https://about.gitlab.com/releases/2020/03/04/gitlab-12-dot-8-dot-2-released/index.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

An issue was discovered in GitLab Enterprise Edition 10.6 through 12.0.2. The GitHub project integration was vulnerable to an SSRF vulnerability which allowed an attacker to make requests to local network resources. It has Incorrect Access Control. Se detectó un problema en GitLab Enterprise Edition versiones 10.6 hasta la versión 12.0.2. La integración del proyecto de GitHub era vulnerable a una vulnerabilidad de tipo SSRF que permitía a un atacante realizar peticiones a recursos de red local. • https://about.gitlab.com/blog/categories/releases https://about.gitlab.com/releases/2019/07/03/security-release-gitlab-12-dot-0-dot-3-released • CWE-918: Server-Side Request Forgery (SSRF) •