Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An authorization logic error in the External Status Check API in GitLab EE affecting all versions starting from 14.1 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2, allowed a user to update the status of the check via an API call
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Vulnerability Type
N/A
Vulnerability Title
GitLab Enterprise Edition 授权问题漏洞
Vulnerability Description
GitLab Enterprise Edition是一套内容管理系统。 GitLab Enterprise Edition 存在授权问题漏洞,该漏洞源于外部状态检查API中的授权逻辑错误而存在的。远程认证的攻击者可以通过API调用更新检查状态。该漏洞允许远程攻击者绕过授权检查。
CVSS Information
N/A
Vulnerability Type
N/A