Rashin lahani a cikin GitLab wanda ke ba da izinin satar asusu da aiwatar da umarni a ƙarƙashin wani mai amfani
An buga sabuntawar sabuntawa ga dandamali don tsara haɓaka haɗin gwiwa - GitLab 16.7.2, 16.6.4 da 16.5.6, waɗanda ke gyara lahani biyu masu mahimmanci. Rashin lahani na farko (CVE-2023-7028), wanda aka sanya matsakaicin matsakaicin matakin (10 cikin 10), yana ba ku damar ƙwace asusun wani ta hanyar yin amfani da fom ɗin dawo da kalmar sirri da aka manta. Rashin lahani yana faruwa ne ta hanyar ikon aika imel tare da lambar sake saitin kalmar sirri zuwa rashin tabbas […]