CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda

CVE-2023-6905

CVE-2023-6903

CVE-2023-6904

CVE-2023-3907

A Cross Site Request Forgery issue has been discovered in GitLab CE/EE affecting all versions before 15.6.7, all versions starting from 15.7 before 15.7.6, and all versions starting from 15.8 before 15.8.1. An attacker could take over a project if an Owner or Maintainer uploads a file to a malicious project.

Skip to content

GitLab

Next

*   *   GitLab: the DevOps platform
    *   Explore GitLab
    *   Install GitLab
    *   How GitLab compares
    *   Get started
    *   GitLab docs
    *   GitLab Learn
    
*   Pricing
*   Talk to an expert

*   /
    
*   

*   Help
    
    *   Help
    *   Support
    *   Community forum
    
    *   Submit feedback
    *   Contribute to GitLab
    
*   *   
    
    Projects Groups Snippets
    
*   Register
*   Sign in

*   GitLab.org
*   cves
*   Repository

Switch branch/tag

*   cves
*   2022
*   **CVE-2022-4138.json**

Find file BlameHistoryPermalink

*   Publishing 0 updated advisories and 1 new advisories · 1bc6107f
    
    🤖 GitLab Bot 🤖 authored Feb 13, 2023
    
    1bc6107f

Headline

CVE-2022-4138: 2022/CVE-2022-4138.json · master · GitLab.org / cves · GitLab

CVE: Latest News