Описание
An issue has been discovered in GitLab affecting all versions before 15.9.8, 15.10.0 before 15.10.7, and 15.11.0 before 15.11.3. A malicious developer could use a git feature called refs/replace to smuggle content into a merge request which would not be visible during review in the UI.
Ссылки
- Third Party Advisory
- Broken Link
- Permissions Required
- Third Party Advisory
- Broken Link
- Permissions Required
Уязвимые конфигурации
Одно из
EPSS
6.3 Medium
CVSS3
6.5 Medium
CVSS3
Дефекты
Связанные уязвимости
An issue has been discovered in GitLab affecting all versions before 15.9.8, 15.10.0 before 15.10.7, and 15.11.0 before 15.11.3. A malicious developer could use a git feature called refs/replace to smuggle content into a merge request which would not be visible during review in the UI.
An issue has been discovered in GitLab affecting all versions before 1 ...
An issue has been discovered in GitLab affecting all versions before 15.9.8, 15.10.0 before 15.10.7, and 15.11.0 before 15.11.3. A malicious developer could use a git feature called refs/replace to smuggle content into a merge request which would not be visible during review in the UI.
EPSS
6.3 Medium
CVSS3
6.5 Medium
CVSS3