U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.


Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): cpe:2.3:a:gitlab:dynamic_application_security_testing_analyzer:1.15.0:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 2 matching records.
Displaying matches 1 through 2.
Vuln ID Summary CVSS Severity

An issue has been discovered in GitLab DAST API scanner affecting all versions starting from 1.6.50 before 2.11.0, where Authorization headers was leaked in vulnerability report evidence.

Published: March 27, 2023; 6:15:21 PM -0400
V4.0:(not available)
V3.1: 4.3 MEDIUM
V2.0:(not available)

Missing validation in DAST analyzer affecting all versions from 1.11.0 prior to 3.0.32, allows custom request headers to be sent with every request, regardless of the host.

Published: March 09, 2023; 6:15:10 PM -0500
V4.0:(not available)
V3.1: 6.5 MEDIUM
V2.0:(not available)