8Ayac

#11317de 53,633
24.3CVSS total
Vulnerabilidades · 4
Média
4
PT-2023-10701
5.4
2023-04-15
Gitlab · Gitlab Ce/Ee · CVE-2018-17454
**Name of the Vulnerable Software and Affected Versions** GitLab Community and Enterprise Edition versions 11.1.0 through 11.1.7 GitLab Community and Enterprise Edition versions 11.2.0 through 11.2.4 GitLab Community and Enterprise Edition versions 11.3.0 through 11.3.1 **Description** The issue is related to stored XSS on the issue details screen. **Recommendations** For versions 11.1.0 through 11.1.7, update to version 11.1.7 or later. For versions 11.2.0 through 11.2.4, update to version 11.2.4 or later. For versions 11.3.0 through 11.3.1, update to version 11.3.1 or later.
PT-2020-9364
5.9
2020-03-10
Gitlab · Gitlab Ce/Ee · CVE-2019-13010
**Nome do software vulnerável e versões afetadas: GitLab Enterprise Edition, versões 8.3 a 12.0.2 Descrição: Foi detectada uma falha no decodificador de códigos de cores, que estava vulnerável a um ataque de esgotamento de recursos caso fossem utilizados formatos específicos, permitindo o consumo descontrolado de recursos. A falha também envolve um controle de acesso incorreto. Recomendações: Para as versões 8.3 a 12.0.2 do GitLab Enterprise Edition, considere desativar o decodificador de códigos de cores como uma solução temporária até que um patch esteja disponível. Restrinja o acesso ao módulo do decodificador de códigos de cores para minimizar o risco de exploração.
PT-2019-18344
6.5
2019-09-09
Gitlab · Gitlab Ce/Ee · CVE-2019-6785
**Name of the Vulnerable Software and Affected Versions** GitLab Community and Enterprise Edition versions prior to 11.5.8 GitLab Community and Enterprise Edition versions 11.6.x prior to 11.6.6 GitLab Community and Enterprise Edition versions 11.7.x prior to 11.7.1 **Description** The issue allows for Denial of Service. Inputting an overly long string into a Markdown field could cause a denial of service. **Recommendations** For versions prior to 11.5.8, update to version 11.5.8 or later. For versions 11.6.x prior to 11.6.6, update to version 11.6.6 or later. For versions 11.7.x prior to 11.7.1, update to version 11.7.1 or later.
PT-2018-14551
6.5
2018-12-04
Gitlab · Gitlab Ce/Ee · CVE-2018-18640
**Name of the Vulnerable Software and Affected Versions** GitLab Community and Enterprise Edition versions prior to 11.2.7 GitLab Community and Enterprise Edition versions 11.3.x prior to 11.3.8 GitLab Community and Enterprise Edition versions 11.4.x prior to 11.4.3 **Description** The issue is related to Information Exposure Through Browser Caching. **Recommendations** For versions prior to 11.2.7, update to version 11.2.7 or later. For versions 11.3.x prior to 11.3.8, update to version 11.3.8 or later. For versions 11.4.x prior to 11.4.3, update to version 11.4.3 or later.