Gitlab: >> Dynamic Application Security Testing Analyzer >> 1.14.0 Security Vulnerabilities
An issue has been discovered in GitLab DAST API scanner affecting all versions starting from 1.6.50 before 2.11.0, where Authorization headers was leaked in vulnerability report evidence.
CVSS Score
5.0
EPSS Score
0.001
Published
2023-03-27
Missing validation in DAST analyzer affecting all versions from 1.11.0 prior to 3.0.32, allows custom request headers to be sent with every request, regardless of the host.
CVSS Score
7.7
EPSS Score
0.001
Published
2023-03-09