Описание
GitLab::API::v4 through 0.26 does not verify TLS certificates when connecting to a GitLab server, enabling machine-in-the-middle attacks.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needs-triage |
| devel | not-affected | |
| esm-apps/bionic | ignored | fix is likely to introduce a regression on existing deployments |
| esm-apps/noble | not-affected | |
| esm-infra/focal | ignored | fix is likely to introduce a regression on existing deployments |
| focal | ignored | end of standard support, was ignored [fix is likely to introduce a regression on existing deployments] |
| jammy | ignored | fix is likely to introduce a regression on existing deployments |
| kinetic | ignored | end of life, was needed |
| lunar | ignored | end of life, was needed |
| mantic | ignored | end of life, was needed |
Показывать по
10
Ссылки на источники
5.9 Medium
CVSS3
Связанные уязвимости
CVSS3: 5.9
nvd
почти 3 года назад
GitLab::API::v4 through 0.26 does not verify TLS certificates when connecting to a GitLab server, enabling machine-in-the-middle attacks.
CVSS3: 5.9
debian
почти 3 года назад
GitLab::API::v4 through 0.26 does not verify TLS certificates when con ...
CVSS3: 5.9
github
почти 3 года назад
GitLab::API::v4 through 0.26 does not verify TLS certificates when connecting to a GitLab server, enabling machine-in-the-middle attacks.
5.9 Medium
CVSS3