Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Missing filtering in an error message in GitLab CE/EE affecting all versions prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 exposed sensitive information when an include directive fails in the CI/CD configuration.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N
Vulnerability Type
N/A
Vulnerability Title
GitLab Community Edition和GitLab Enterprise Edition 信息泄露漏洞
Vulnerability Description
GitLab Enterprise Edition是一套内容管理系统。GitLab Community Edition是美国GitLab公司的一种社区版 GitLab 。 GitLab Community Edition (CE) and Enterprise Edition (EE)存在信息泄露漏洞,该漏洞是由于错误消息中缺少过滤而存在的。当 CI/CD 配置中的 include 指令失败时,远程用户可以获得对敏感信息的未经授权的访问。该漏洞允许远程攻击者获得对潜在敏感信息的访问。
CVSS Information
N/A
Vulnerability Type
N/A