CVE-2022-2884 Vulnerability in GitLab CE/EE from 11.3.4 to 15.1.5, 15.2 to 15.2.3, 15.3 to 15.3.1 allows an authenticated user to execute code via the Import from GitHub API endpoint.
causing the application to crash and possibly giving attackers the ability to take over the server. This vulnerability has been assigned the bug identifier CVE-2018-16392.
CVE-2022-3030 An access control issue in GitLab CE/EE before 15.1.6, 15.2.4, 15.3.2 allows disclosure of pipeline status to unauthorized users.
All versions up to and including 15.2.5 (released on October 18th, 2017) are affected by a security issue where an attacker can insert
CVE-2022-3279 An unhandled exception in job log parsing in GitLab CE/EE before 15.2.5, 15.3 prior to 15.3.4, and 15.4 prior to 15.4.1 allows an attacker to prevent access to job logs.
by setting the appropriate Restricted Access restriction. GitLab attempts to parse the job log from the received email and displays the parsed content to the
CVE-2017-7517 An input validation vulnerability exists in OpenShift Enterprise due to a 1:1 mapping of tenants in Hawkular Metrics and projects/namespaces in OpenShift.
This vulnerability has the potential to be exploited in a number of ways. For example, a malicious user could store credentials in the "MyProject&
CVE-2022-42154 - How Arbitrary File Upload in 74cmsSE v3.13. Can Lead to Remote Code Execution
Security vulnerabilities in web applications are a constant threat. One particularly dangerous bug is an arbitrary file upload vulnerability, which often leads to Remote Code