Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Due to improper handling of OAuth client IDs, new subscriptions generated OAuth tokens on an incorrect OAuth client application. This vulnerability is present in GitLab CE/EE since version 14.1.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
Vulnerability Type
N/A
Vulnerability Title
GitLab 输入验证错误漏洞
Vulnerability Description
GitLab是美国GitLab公司的一款使用Ruby on Rails开发的、自托管的、Git(版本控制系统)项目仓库应用程序。该程序可用于查阅项目的文件内容、提交历史、Bug列表等。 GitLab 存在输入验证错误漏洞,该漏洞源于 OAuth 客户端 ID 处理不当,新订阅会在不正确的 OAuth 客户端应用程序上生成 OAuth 令牌。
CVSS Information
N/A
Vulnerability Type
N/A