CVE-2022-4365 - How GitLab Maintainers Could Leak Sentry Tokens (And What This Means For Your Data Security)
GitLab is a widely used platform for version control and DevOps, trusted by countless teams to build and ship code collaboratively. But like any powerful
CVE-2022-4131 - Exploiting a Regex Vulnerability in GitLab User-Agent Parsing for Denial of Service
In December 2022, a significant vulnerability (CVE-2022-4131) was disclosed in GitLab CE/EE. This issue affects:
All versions starting from 15.7 before 15.7.
CVE-2022-3870: GitLab CE/EE Avatar Disclosure Vulnerability for Private Instances - Exploit and Mitigation
A recently discovered vulnerability, CVE-2022-3870, affects GitLab Community Edition (CE) and GitLab Enterprise Edition (EE) and permits unauthenticated individuals to download user avatars using the
CVE-2022-4037 - GitLab Race Condition Allows Email Spoofing and Account Takeover
In late 2022, a serious vulnerability was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE)—tracked as CVE-2022-4037. This issue directly affects all
CVE-2022-4167 - How Incorrect Authorization Checks in GitLab EE Left Group Access Tokens Exposed
In late 2022, a serious security issue was discovered in GitLab Enterprise Edition (EE) that affected every installation from version 13.11 up to but