Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Authorization Bypass Through User-Controlled Key in GitLab
Vulnerability Description
A vulnerability in GitLab-EE affecting all versions from 16.2 prior to 17.7.6, 17.8 prior to 17.8.4, and 17.9 prior to 17.9.1 allows a Guest user to read Security policy YAML
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
通过用户控制密钥绕过授权机制
Vulnerability Title
GitLab Enterprise Edition 安全漏洞
Vulnerability Description
GitLab Enterprise Edition(EE)是美国GitLab公司的一套内容管理系统。 GitLab Enterprise Edition 16.2至17.7.6之前版本、17.8至17.8.4之前版本和17.9至17.9.1之前版本存在安全漏洞,该漏洞源于Guest用户可读取安全策略YAML。
CVSS Information
N/A
Vulnerability Type
N/A