gitlab gitlab vulnerabilities and exploits
668
VMScore
CVE-2020-14001
The kramdown gem prior to 2.3.0 for Ruby processes the template option inside Kramdown documents by default, which allows unintended read access (such as template="/etc/passwd") or unintended embedded Ruby code execution (such as a string that begins with template="...
Kramdown Project Kramdown
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Canonical Ubuntu Linux 20.04
668
VMScore
CVE-2020-10980
GitLab EE/CE 8.0.rc1 to 12.9 is vulnerable to a blind SSRF in the FogBugz integration.
Gitlab Gitlab
668
VMScore
CVE-2020-10956
GitLab 8.10 and later up to and including 12.9 is vulnerable to an SSRF in a project import note feature.
Gitlab Gitlab
668
VMScore
CVE-2020-10074
GitLab 10.1 up to and including 12.8.1 has Incorrect Access Control. A scenario exists in which a GitLab account could be taken over through an expired link.
Gitlab Gitlab
668
VMScore
CVE-2020-10077
GitLab EE 3.0 up to and including 12.8.1 allows SSRF. An internal investigation revealed that a particular deprecated service was creating a server side request forgery risk.
Gitlab Gitlab
668
VMScore
CVE-2019-12443
An issue exists in GitLab Community and Enterprise Edition 10.2 up to and including 11.11. Multiple features contained Server-Side Request Forgery (SSRF) vulnerabilities caused by an insufficient validation to prevent DNS rebinding attacks.
Gitlab Gitlab
668
VMScore
CVE-2019-12428
An issue exists in GitLab Community and Enterprise Edition 6.8 up to and including 11.11. Users could bypass the mandatory external authentication provider sign-in restrictions by sending a specially crafted request. It has Improper Authorization.
Gitlab Gitlab
668
VMScore
CVE-2020-8113
GitLab 10.7 and later up to and including 12.7.2 has Incorrect Access Control.
Gitlab Gitlab
668
VMScore
CVE-2020-8114
GitLab EE 8.9 and later up to and including 12.7.2 has Insecure Permission.
Gitlab Gitlab
668
VMScore
CVE-2019-15585
Improper authentication exists in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE): the GitLab SAML integration had a validation issue that permitted a malicious user to take over another user's account.
Gitlab Gitlab