0xn3va

2 exploits Active since Jul 2021
CVE-2021-22233 WRITEUP MEDIUM WRITEUP
GitLab 13.10.0-13.11.6 - Unauthenticated Information Disclosure via Project Details
An information disclosure vulnerability in GitLab EE versions 13.10 and later allowed a user to read project details
CVSS 4.3
CVE-2022-2455 WRITEUP MEDIUM WRITEUP
GitLab 10.0.0-15.1.5, 15.2.0-15.2.3, 15.3.0-15.3.1 - Authenticated Resource Exhaustion via Malicious Project Import
A business logic issue in the handling of large repositories in all versions of GitLab CE/EE from 10.0 before 15.1.6, all versions starting from 15.2 before 15.2.4, all versions starting from 15.3 before 15.3.2 allowed an authenticated and authorized user to exhaust server resources by importing a malicious project.
CVSS 6.5