Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gitlab gitlab runner vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2021-39939
An uncontrolled resource consumption vulnerability in GitLab Runner affecting all versions starting from 13.7 prior to 14.3.6, all versions starting from 14.4 prior to 14.4.4, all versions starting from 14.5 prior to 14.5.2, allows an attacker triggering a job with a specially cr...
Gitlab Gitlab
7.5
CVSSv2
CVE-2022-0735
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.10 prior to 14.6.5, all versions starting from 14.7 prior to 14.7.4, all versions starting from 14.8 prior to 14.8.2. An unauthorised user was able to steal runner registration tokens through an ...
Gitlab Gitlab
5.5
CVSSv2
CVE-2019-15721
An issue exists in GitLab Community and Enterprise Edition 10.8 up to and including 12.2.1. An internal endpoint unintentionally allowed group maintainers to view and edit group runner settings.
Gitlab Gitlab
4.3
CVSSv2
CVE-2020-13350
CSRF in runner administration page in all versions of GitLab CE/EE allows an attacker who's able to target GitLab instance administrators to pause/resume runners. Affected versions are >=13.5.0, <13.5.2,>=13.4.0, <13.4.5,<13.3.9.
Gitlab Gitlab
4
CVSSv2
CVE-2022-1099
Adding a very large number of tags to a runner in GitLab CE/EE affecting all versions before 14.7.7, 14.8 before 14.8.5, and 14.9 before 14.9.2 allows an malicious user to impact the performance of GitLab
Gitlab Gitlab
NA
CVE-2023-2478
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 prior to 15.9.7, all versions starting from 15.10 prior to 15.10.6, all versions starting from 15.11 prior to 15.11.2. Under certain conditions, a malicious unauthorized GitLab user may use a G...
Gitlab Gitlab
5
CVSSv2
CVE-2018-20500
An insecure permissions issue exists in GitLab Community and Enterprise Edition 9.4 and later but prior to 11.4.13, 11.5.x prior to 11.5.6, and 11.6.x prior to 11.6.1. The runner registration token in the CI/CD settings could not be reset. This was a security risk if one of the m...
Gitlab Gitlab
6.5
CVSSv2
CVE-2017-0918
Gitlab Community Edition version 10.3 is vulnerable to a path traversal issue in the GitLab CI runner component resulting in remote code execution.
Gitlab Gitlab
Debian Debian Linux 9.0
6.5
CVSSv2
CVE-2017-0926
Gitlab Community Edition version 10.3 is vulnerable to an improper authorization issue in the Oauth sign-in component resulting in unauthorized user login.
Gitlab Gitlab
Debian Debian Linux 9.0
6.8
CVSSv2
CVE-2018-3710
Gitlab Community and Enterprise Editions version 10.3.3 is vulnerable to an Insecure Temporary File in the project import component resulting remote code execution.
Gitlab Gitlab
Debian Debian Linux 9.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »