Search CVE reports
261 – 270 of 1245 results
CVE-2022-3375
Medium priorityAn issue has been discovered in GitLab affecting all versions starting from 11.10 before 15.8.5, all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1. It was possible to disclose the...
1 affected packages
gitlab
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gitlab | Not in release | Not in release | Not in release | — | Ignored |
CVE-2023-28434
High priorityMinio is a Multi-Cloud Object Storage framework. Prior to RELEASE.2023-03-20T20-16-18Z, an attacker can use crafted requests to bypass metadata bucket name checking and put an object into any bucket while processing...
2 affected packages
golang-github-minio-minio-go, golang-github-minio-minio-go-v7
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
golang-github-minio-minio-go | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Ignored |
golang-github-minio-minio-go-v7 | Needs evaluation | Needs evaluation | Not in release | Not in release | Ignored |
CVE-2023-28433
Medium priorityMinio is a Multi-Cloud Object Storage framework. All users on Windows prior to version RELEASE.2023-03-20T20-16-18Z are impacted. MinIO fails to filter the `\` character, which allows for arbitrary object placement across buckets....
2 affected packages
golang-github-minio-minio-go, golang-github-minio-minio-go-v7
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
golang-github-minio-minio-go | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Ignored |
golang-github-minio-minio-go-v7 | Needs evaluation | Needs evaluation | Not in release | Not in release | Ignored |
CVE-2023-28432
High priorityMinio is a Multi-Cloud Object Storage framework. In a cluster deployment starting with RELEASE.2019-12-17T23-16-33Z and prior to RELEASE.2023-03-20T20-16-18Z, MinIO returns all environment variables, including `MINIO_SECRET_KEY`...
2 affected packages
golang-github-minio-minio-go, golang-github-minio-minio-go-v7
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
golang-github-minio-minio-go | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Ignored |
golang-github-minio-minio-go-v7 | Needs evaluation | Needs evaluation | Not in release | Not in release | Ignored |
CVE-2023-28119
Medium priorityThe crewjam/saml go library contains a partial implementation of the SAML standard in golang. Prior to version 0.4.13, the package's use of `flate.NewReader` does not limit the size of the input. The user can pass more than 1 MB...
1 affected packages
golang-github-crewjam-saml
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
golang-github-crewjam-saml | Needs evaluation | Needs evaluation | Not in release | Not in release | Ignored |
CVE-2022-3767
Medium priorityMissing validation in DAST analyzer affecting all versions from 1.11.0 prior to 3.0.32, allows custom request headers to be sent with every request, regardless of the host.
1 affected packages
gitlab
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gitlab | — | Not in release | Not in release | Not in release | Ignored |
CVE-2022-3758
Medium priorityAn issue has been discovered in GitLab affecting all versions starting from 15.5 before 15.7.8, all versions starting from 15.8 before 15.8.4, all versions starting from 15.9 before 15.9.2. Due to improper permissions checks an...
1 affected packages
gitlab
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gitlab | — | Not in release | Not in release | Not in release | Ignored |
CVE-2023-1072
Medium priorityAn issue has been discovered in GitLab affecting all versions starting from 9.0 before 15.7.8, all versions starting from 15.8 before 15.8.4, all versions starting from 15.9 before 15.9.2. It was possible to trigger a resource...
1 affected packages
gitlab
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gitlab | — | Not in release | Not in release | Not in release | Ignored |
CVE-2023-0050
Medium priorityAn issue has been discovered in GitLab affecting all versions starting from 13.7 before 15.7.8, all versions starting from 15.8 before 15.8.4, all versions starting from 15.9 before 15.9.2. A specially crafted Kroki diagram could...
1 affected packages
gitlab
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gitlab | — | Not in release | Not in release | Not in release | Ignored |
CVE-2023-0223
Medium priorityAn issue has been discovered in GitLab affecting all versions starting from 15.5 before 15.7.8, all versions starting from 15.8 before 15.8.4, all versions starting from 15.9 before 15.9.2. Non-project members could retrieve...
1 affected packages
gitlab
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gitlab | — | Not in release | Not in release | Not in release | Ignored |