Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue has been discovered in GitLab affecting all versions starting from 10.0 before 14.5.4, all versions starting from 10.1 before 14.6.4, all versions starting from 10.2 before 14.7.1. Private project paths can be disclosed to unauthorized users via system notes when an Issue is closed via a Merge Request and later moved to a public project
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
Vulnerability Type
N/A
Vulnerability Title
GitLab Enterprise Edition 和 Community Edition 路径遍历漏洞
Vulnerability Description
GitLab Enterprise Edition是一套内容管理系统。GitLab Community Edition是美国GitLab公司的一种社区版 GitLab 。 GitLab Enterprise Edition 和 Community Edition 存在路径遍历漏洞,该漏洞源于软件对于路径请求数据缺少有效的过滤与验证。远程管理员可以发送专门制作的HTTP请求,并读取系统上的任意文件。该漏洞允许远程用户执行目录遍历攻击。
CVSS Information
N/A
Vulnerability Type
N/A