Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gitlab gitlab-shell vulnerabilities and exploits
(subscribe to this query)
NA
CVE_2022_40684
Official Writeup - Simple CTF 2.0 Created: April 23, 2024 7:50 PM Today I completed an other room on TryHackMe with a simple file-upload vulnerability which I built. I have tried for dancing around this whole CTF machine and getting a lot of walls of challenges in the end it co...
1 Github repository
3.5
CVSSv2
CVE-2021-22254
Under very specific conditions a user could be impersonated using Gitlab shell. This vulnerability affects GitLab CE/EE 13.1 and later up to and including 14.1.2, 14.0.7 and 13.12.9.
Gitlab Gitlab
4
CVSSv2
CVE-2021-22177
Potential DoS was identified in gitlab-shell in GitLab CE/EE version 12.6.0 or above, which allows an malicious user to spike the server resource utilization via gitlab-shell command.
Gitlab Gitlab
6.5
CVSSv2
CVE-2013-4583
The parse_cmd function in lib/gitlab_shell.rb in GitLab 5.0 prior to 5.4.2, Community Edition prior to 6.2.4, and Enterprise Edition prior to 6.2.1 and gitlab-shell prior to 1.7.8 allows remote authenticated users to gain privileges and clone arbitrary repositories.
Gitlab Gitlab
Gitlab Gitlab-shell
4
CVSSv2
CVE-2013-4582
The (1) create_branch, (2) create_tag, (3) import_project, and (4) fork_project functions in lib/gitlab_projects.rb in GitLab 5.0 prior to 5.4.2, Community Edition prior to 6.2.4, Enterprise Edition prior to 6.2.1 and gitlab-shell prior to 1.7.8 allows remote authenticated users ...
Gitlab Gitlab
Gitlab Gitlab-shell
6.5
CVSSv2
CVE-2013-4546
The repository import feature in gitlab-shell prior to 1.7.4, as used in GitLab, allows remote authenticated users to execute arbitrary commands via the import URL.
Gitlab Gitlab 6.0.0
Gitlab Gitlab 5.1.0
Gitlab Gitlab 5.3.0
Gitlab Gitlab-shell 1.3.0
Gitlab Gitlab-shell 1.5.0
Gitlab Gitlab-shell
Gitlab Gitlab 5.4.1
Gitlab Gitlab 5.4.2
Gitlab Gitlab-shell 1.0.4
Gitlab Gitlab-shell 1.1.0
Gitlab Gitlab 6.2.0
Gitlab Gitlab 6.2.1
Gitlab Gitlab 6.2.2
Gitlab Gitlab 5.0.0
Gitlab Gitlab-shell 1.6.0
Gitlab Gitlab-shell 1.7.0
Gitlab Gitlab-shell 1.7.1
Gitlab Gitlab-shell 1.7.2
Gitlab Gitlab 6.1.0
Gitlab Gitlab 5.0.1
Gitlab Gitlab 5.2.0
Gitlab Gitlab 5.4.0
6.5
CVSSv2
CVE-2013-4490
The SSH key upload feature (lib/gitlab_keys.rb) in gitlab-shell prior to 1.7.3, as used in GitLab 5.0 prior to 5.4.1 and 6.x prior to 6.2.3, allows remote authenticated users to execute arbitrary commands via shell metacharacters in the public key.
Gitlab Gitlab 6.0.0
Gitlab Gitlab 6.2.0
Gitlab Gitlab 5.2.0
Gitlab Gitlab 5.0.1
Gitlab Gitlab-shell
Gitlab Gitlab-shell 1.4.0
Gitlab Gitlab-shell 1.2.0
Gitlab Gitlab-shell 1.7.1
Gitlab Gitlab-shell 1.7.0
Gitlab Gitlab-shell 1.6.0
Gitlab Gitlab-shell 1.5.0
Gitlab Gitlab 6.2.1
Gitlab Gitlab 6.2.2
Gitlab Gitlab 5.4.0
Gitlab Gitlab 5.3.0
Gitlab Gitlab-shell 1.0.4
Gitlab Gitlab 6.1.0
Gitlab Gitlab 5.1.0
Gitlab Gitlab 5.0.0
Gitlab Gitlab-shell 1.3.0
Gitlab Gitlab-shell 1.1.0
1 EDB exploit
6.8
CVSSv2
CVE-2013-4581
GitLab 5.0 prior to 5.4.2, Community Edition prior to 6.2.4, Enterprise Edition prior to 6.2.1 and gitlab-shell prior to 1.7.8 allows remote malicious users to execute arbitrary code via a crafted change using SSH.
Gitlab Gitlab 3.1.0
Gitlab Gitlab 3.0.3
Gitlab Gitlab 3.0.2
Gitlab Gitlab 3.0.1
Gitlab Gitlab 2.1.0
Gitlab Gitlab 2.0.0
Gitlab Gitlab 1.2.2
Gitlab Gitlab 1.2.1
Gitlab Gitlab 1.2.0
Gitlab Gitlab 6.1.0
Gitlab Gitlab 6.0.0
Gitlab Gitlab 5.4.1
Gitlab Gitlab 5.0.1
Gitlab Gitlab 4.2.0
Gitlab Gitlab 4.0.0
Gitlab Gitlab 3.0.0
Gitlab Gitlab 2.9.0
Gitlab Gitlab 2.3.1
Gitlab Gitlab 2.2.0
Gitlab Gitlab 1.0.2
Gitlab Gitlab 1.0.0
Gitlab Gitlab
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started