GitLab EE/CE 8.11 through 12.9.1 allows blocked users to pull/push docker images.
Overview : GitLab EE/CE 8.11 through 12.9.1 allows blocked users to pull/push docker images. References Note: References are provided for the convenience
CVE-2024-8640 : GITLAB ENTERPRISE EDITION UP TO 17.1.6/17.2.4/17.3.1 CUBE SERVER COMMAND INJECTION
Description An issue has been discovered in GitLab EE affecting all versions starting from 16.11 prior to 17.1.7, from 17.2
GitLab Community Edition/Enterprise Edition 11.8 Pipeline Relationship resource consumption
A vulnerability was found in GitLab Community Edition and Enterprise Edition 11.8 (Bug Tracking Software). It has been rated as
Kube-Proxy and Headless Services
Kube-Proxy Kube-proxy implements a form of virtual IP for services for all types except ExternalName. Three modes are: (a) Proxy-mode:
A XSS issue in Gitlab CE/EE
Overview : XSS issue in Gitlab CE/EE Affected Product(s) : from 12.4 before 13.4.7, 13.5 before 13.5.5, and 13.6 before
Jenkins announces vulnerabilities
Overview : Stored XSS vulnerability in expandable textbox form control SECURITY-1498 / CVE-2019-10401 Jenkins form controls include an expandable textbox
Disclosure of Private Merge Requests and Issues via Elasticsearch integration
Overview : An access control issue exists in < 12.3.5, < 12.2.8, and < 12.1.14 for GitLab Community Edition (CE)