- 01 Nov, 2019 7 commits
-
-
GitLab Bot authored
-
GitLab Bot authored
-
GitLab Bot authored
-
GitLab Bot authored
-
GitLab Bot authored
-
GitLab Bot authored
-
GitLab Bot authored
-
- 31 Oct, 2019 8 commits
-
-
GitLab Bot authored
-
GitLab Bot authored
-
GitLab Bot authored
-
GitLab Bot authored
-
GitLab Bot authored
-
GitLab Bot authored
-
GitLab Bot authored
-
GitLab Bot authored
-
- 30 Oct, 2019 6 commits
-
-
GitLab Bot authored
-
GitLab Bot authored
-
Yorick Peterse authored
-
GitLab Bot authored
-
GitLab Bot authored
-
GitLab Bot authored
-
- 29 Oct, 2019 19 commits
-
-
GitLab Bot authored
-
GitLab Release Tools Bot authored
Hide private members in project member autocomplete See merge request gitlab/gitlabhq!3212
-
GitLab Release Tools Bot authored
Nested GraphQL query with circular relationship can cause Denial of Service See merge request gitlab/gitlabhq!3360
-
GitLab Release Tools Bot authored
Improper access control allows the attacker to comment in internal commit after they are no longer admin See merge request gitlab/gitlabhq!3372
-
Charlie Ablett authored
Improper access control allows the attacker to comment in internal commit after they are no longer admin
-
GitLab Release Tools Bot authored
Labels visible despite no access to issues & repositories See merge request gitlab/gitlabhq!3409
-
GitLab Release Tools Bot authored
Project path reveals labels from Private project if the issue is moved to public project See merge request gitlab/gitlabhq!3419
-
GitLab Release Tools Bot authored
Require Maintainer permission on group where project is transferred to See merge request gitlab/gitlabhq!3420
-
GitLab Release Tools Bot authored
Sanitize search text to prevent XSS See merge request gitlab/gitlabhq!3453
-
GitLab Release Tools Bot authored
Private/internal repository enumeration via bruteforce on a vulnerable URL See merge request gitlab/gitlabhq!3454
-
GitLab Release Tools Bot authored
Only assign merge params when allowed See merge request gitlab/gitlabhq!3458
-
GitLab Release Tools Bot authored
Pass all wiki markup formats through our Banzai pipeline filters See merge request gitlab/gitlabhq!3461
-
GitLab Release Tools Bot authored
Mask sentry auth token See merge request gitlab/gitlabhq!3462
-
GitLab Release Tools Bot authored
Use the '\A' and '\z' regex anchors in `InternalRedirect` to mitigate an Open Redirect issue. Closes #2934 See merge request gitlab/gitlabhq!3466
-
GitLab Release Tools Bot authored
Filter out search results based on permissions to avoid bugs leaking data See merge request gitlab/gitlabhq!3493
-
GitLab Release Tools Bot authored
Return 404 on LFS request if project doesn't exist See merge request gitlab/gitlabhq!3505
-
GitLab Bot authored
-
GitLab Bot authored
-
GitLab Bot authored
-