Day: March 28, 2022

CVE-2022-0283

An issue has been discovered affecting GitLab versions prior to 13.5. An open redirect vulnerability was fixed in GitLab integration with Jira that could…

CVE-2022-0249

A vulnerability was discovered in GitLab starting with version 12. GitLab was vulnerable to a blind SSRF attack since requests to shared address space were…

CVE-2022-0123

An issue has been discovered affecting GitLab versions prior to 14.4.5, between 14.5.0 and 14.5.3, and between 14.6.0 and 14.6.1. GitLab does not validate SSL…

CVE-2021-4191

An issue has been discovered in GitLab CE/EE affecting versions 13.0 to 14.6.5, 14.7 to 14.7.4, and 14.8 to 14.8.2. Private GitLab instances with restricted…

CVE-2021-39876

In all versions of GitLab CE/EE since version 11.3, the endpoint for auto-completing Assignee discloses the members of private groups. General information about the vulnerability,…

CVE-2021-25071

The WordPress plugin through 2.0.1 does not sanitise and escape the translation parameter before outputting it back in an admin page, leading to a Reflected…

CVE-2021-25068

The Sync WooCommerce Product feed to Google Shopping WordPress plugin through 1.2.4 uses the ‘feed_id’ POST parameter which is not properly sanitized for use in…
