An information disclosure issue in Gitlab CE/EE affecting all versions from 13.6 prior to 15.11.10, all versions from 16.0 prior to 16.0.6, all versions from 16.1 prior to 16.1.1, resulted in the. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity. No vendor patch available.
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.1 prior to 15.11.10, all versions from 16.0 prior to 16.0.6, all versions from 16.1 prior to 16.1.1. Rated low severity (CVSS 3.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
An insecure connection between Systems Manager and CQI Reporter application could expose infusion data to an attacker. Rated low severity (CVSS 3.5), this vulnerability is low attack complexity. No vendor patch available.
In ShortcutInfo of ShortcutInfo.java, there is a possible way for an app to retain notification listening access due to an uncaught exception. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.
In startInput of AudioPolicyInterfaceImpl.cpp, there is a possible way of erroneously displaying the microphone privacy indicator due to a race condition. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required.