Описание
An issue has been discovered in GitLab DAST API scanner affecting all versions starting from 1.6.50 before 2.11.0, where Authorization headers was leaked in vulnerability report evidence.
Ссылки
- Vendor Advisory
- ExploitVendor Advisory
- Permissions Required
- Vendor Advisory
- ExploitVendor Advisory
- Permissions Required
Уязвимые конфигурации
Конфигурация 1Версия от 1.6.50 (включая) до 2.11.0 (исключая)
cpe:2.3:a:gitlab:dynamic_application_security_testing_analyzer:*:*:*:*:*:*:*:*
EPSS
Процентиль: 39%
0.00173
Низкий
5 Medium
CVSS3
4.3 Medium
CVSS3
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 4.3
github
почти 3 года назад
An issue has been discovered in GitLab DAST API scanner affecting all versions starting from 1.6.50 before 2.11.0, where Authorization headers was leaked in vulnerability report evidence.
EPSS
Процентиль: 39%
0.00173
Низкий
5 Medium
CVSS3
4.3 Medium
CVSS3
Дефекты
NVD-CWE-noinfo