gitlab gitlab vulnerabilities and exploits
578
VMScore
CVE-2020-13290
In GitLab prior to 13.0.12, 13.1.6, and 13.2.3, improper access control was used on the Applications page
Gitlab Gitlab
578
VMScore
CVE-2020-13295
For GitLab Runner prior to 13.0.12, 13.1.6, 13.2.3, by replacing dockerd with a malicious server, the Shared Runner is susceptible to SSRF.
Gitlab Runner
578
VMScore
CVE-2020-2228
Jenkins Gitlab Authentication Plugin 1.5 and previous versions does not perform group authorization checks properly, resulting in a privilege escalation vulnerability.
Jenkins Gitlab Authentication
578
VMScore
CVE-2020-13263
An authorization issue relating to project maintainer impersonation was identified in GitLab EE 9.5 and later up to and including 13.0.1 that could allow unauthorized users to impersonate a maintainer to perform limited actions.
Gitlab Gitlab
Gitlab Gitlab 13.0.0
578
VMScore
CVE-2020-13272
Missing verification checks in the OAuth flow in GitLab CE/EE 12.3 and later up to and including 13.0.1 allow an unverified user to use the OAuth authorization code flow.
Gitlab Gitlab
Gitlab Gitlab 13.0.0
578
VMScore
CVE-2020-13270
Missing permission check on fork relation creation in GitLab CE/EE 11.3 and later up to and including 13.0.1 allows guest users to create a fork relation on restricted public projects via API
Gitlab Gitlab
578
VMScore
CVE-2019-12430
An issue exists in GitLab Community and Enterprise Edition 11.11. A specially crafted payload would allow an authenticated malicious user to execute commands remotely through the repository download feature. It allows Command Injection.
Gitlab Gitlab 11.11.0
578
VMScore
CVE-2013-4583
The parse_cmd function in lib/gitlab_shell.rb in GitLab 5.0 prior to 5.4.2, Community Edition prior to 6.2.4, and Enterprise Edition prior to 6.2.1 and gitlab-shell prior to 1.7.8 allows remote authenticated users to gain privileges and clone arbitrary repositories.
Gitlab Gitlab
Gitlab Gitlab-shell
578
VMScore
CVE-2019-5468
A privilege escalation issue exists in GitLab versions < 12.1.2, < 12.0.4, and < 11.11.6 when Mattermost slash commands are used with a blocked account.
Gitlab Gitlab
578
VMScore
CVE-2018-20501
An issue exists in GitLab Community and Enterprise Edition prior to 11.4.13, 11.5.x prior to 11.5.6, and 11.6.x prior to 11.6.1. It has Incorrect Access Control.
Gitlab Gitlab