CVE-2022-4255 - GitLab EE Information Leak – User Email Exposure via Webhook Payload
Summary:
A critical information leak vulnerability, CVE-2022-4255, was found in GitLab Enterprise Edition (EE) impacting all versions from 13.7 up to (but not including)
CVE-2022-4335 - Blind SSRF in GitLab EE Let Attackers Connect to localhost (Explained)
GitLab is one of the most popular tools for source code management and DevOps workflows, used widely by development teams and enterprises. Unfortunately, even
CVE-2022-4092 - Exploiting Malicious README in GitLab EE (15.6-15.6.)
In late 2022, researchers discovered CVE-2022-4092, a vulnerability in GitLab Enterprise Edition (EE) that affects all versions from 15.6 up to, but not including,
CVE-2022-4054 - How GitLab Webhook Tokens Could Be Leaked By Project Maintainers
Recently, a security issue was found in GitLab, an extremely popular tool used by millions of developers to collaborate on code. The vulnerability, tracked as
CVE-2022-3740: GitLab CE/EE Vulnerability Allowing Group Owner to Bypass External Authorization Check
A recently discovered vulnerability in GitLab CE/EE, assigned as CVE-2022-3740, has been found to affect all versions starting from 12.9 prior to 15.