Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Improper Control of Resource Identifiers ('Resource Injection') in GitLab
Vulnerability Description
A resource misdirection vulnerability in GitLab CE/EE versions 12.0 prior to 17.0.5, 17.1 prior to 17.1.3, and 17.2 prior to 17.2.1 allows an attacker to craft a repository import in such a way as to misdirect commits.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
Vulnerability Type
对资源描述符的控制不恰当(资源注入)
Vulnerability Title
GitLab CE/EE 安全漏洞
Vulnerability Description
GitLab Enterprise Edition(EE)和GitLab Community Edition(CE)都是美国GitLab公司的产品。GitLab Enterprise Edition是一套内容管理系统。GitLab Community Edition是一种社区版 GitLab 。 GitLab CE/EE存在安全漏洞。攻击者利用该漏洞以误导提交的方式制作存储库导入。以下版本受到影响:12.0版本至17.0.5之前版本、17.1版本至17.1.3之前版本和17.2版本至17.2.1之前版本。
CVSS Information
N/A
Vulnerability Type
N/A