CVE-2023-3906: Critical Input Validation Vulnerability in GitLab EE Asset Proxy that Allows Authenticated Attackers to Bypass the Asset Proxy
A significant input validation vulnerability in the asset proxy of GitLab Enterprise Edition (EE) has been discovered, which affects all versions of GitLab from 12.
CVE-2023-0989: Information Disclosure Issue in GitLab CE/EE - Extracting Non-Protected CI/CD Variables Through Malicious Forks
A critical vulnerability, identified as CVE-2023-0989, has been discovered in GitLab Community Edition (CE) and Enterprise Edition (EE). This information disclosure issue affects all GitLab
CVE-2023-3917: Denial of Service Vulnerability in GitLab Pipelines Affecting All Versions Prior to Specified Patches
A recent CVE (Common Vulnerabilities and Exposures) report, identified as CVE-2023-3917, reveals a significant denial of service vulnerability in GitLab Enterprise Edition (EE) and Community
CVE-2023-3979 - GitLab Permissions Vulnerability Allows Unauthorized Write Access to Merge Request's Source Branch
A security issue, tracked as CVE-2023-3979, has been discovered in GitLab that affects all versions starting from 10.6 before 16.2.8, all versions
CVE-2023-3115: GitLab EE Single Sign On Vulnerability Affecting Public Members-Only Project Repositories Access Control
A recently discovered security vulnerability in GitLab EE, known as CVE-2023-3115, has been found to affect multiple versions of the popular web-based Git repository manager.