CVE-2023-3914 - GitLab EE Business Logic Error Exposes Internal Projects (With Exploit Details)
In late 2023, security researchers disclosed a critical business logic flaw in GitLab EE (Enterprise Edition) tracked as CVE-2023-3914. This vulnerability affects all GitLab EE
CVE-2023-3115 - Bypassing SSO Restrictions in GitLab EE – What You Need to Know
If you are managing a GitLab server (especially GitLab Enterprise Edition), you probably rely on Single Sign-On (SSO) to control access to your company’s
CVE-2023-5009 - Breaking Down the GitLab EE Security Policy Bypass (with Exploit Walkthrough)
Published: 2024-06-20
*by SecurityResearcherJoe*
What is CVE-2023-5009?
CVE-2023-5009 is a critical vulnerability discovered in GitLab Enterprise Edition (EE) that lets attackers run pipeline jobs as
CVE-2023-4630: GitLab Unauthorized Project Imports Information Disclosure Vulnerability
A recent vulnerability, CVE-2023-4630, has been identified and is currently affecting different versions of GitLab, a widely-used web-based software for managing Git repositories. The vulnerability
CVE-2023-4647 - Exploiting GitLab Projects API Pagination Bypass and Potential DoS
If you're running a self-hosted GitLab instance, especially anything from 15.2 up until the patch releases in mid-2023, there's an