Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gitlab runner vulnerabilities and exploits
(subscribe to this query)
801
VMScore
CVE-2020-13347
A command injection vulnerability exists in Gitlab runner versions before 13.2.4, 13.3.2 and 13.4.1. When the runner is configured on a Windows system with a docker executor, which allows the malicious user to run arbitrary commands on Windows host, via DOCKER_AUTH_CONFIG build v...
Gitlab Gitlab
668
VMScore
CVE-2022-0735
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.10 prior to 14.6.5, all versions starting from 14.7 prior to 14.7.4, all versions starting from 14.8 prior to 14.8.2. An unauthorised user was able to steal runner registration tokens through an ...
Gitlab Gitlab
668
VMScore
CVE-2017-0915
Gitlab Community Edition version 10.2.4 is vulnerable to a lack of input validation in the GitlabProjectsImportService resulting in remote code execution.
Gitlab Gitlab
Debian Debian Linux 9.0
668
VMScore
CVE-2017-0916
Gitlab Community Edition version 10.3 is vulnerable to a lack of input validation in the system_hook_push queue through web hook component resulting in remote code execution.
Gitlab Gitlab
Debian Debian Linux 9.0
605
VMScore
CVE-2018-3710
Gitlab Community and Enterprise Editions version 10.3.3 is vulnerable to an Insecure Temporary File in the project import component resulting remote code execution.
Gitlab Gitlab
Debian Debian Linux 9.0
578
VMScore
CVE-2020-13295
For GitLab Runner prior to 13.0.12, 13.1.6, 13.2.3, by replacing dockerd with a malicious server, the Shared Runner is susceptible to SSRF.
Gitlab Runner
578
VMScore
CVE-2017-0918
Gitlab Community Edition version 10.3 is vulnerable to a path traversal issue in the GitLab CI runner component resulting in remote code execution.
Gitlab Gitlab
Debian Debian Linux 9.0
578
VMScore
CVE-2017-0926
Gitlab Community Edition version 10.3 is vulnerable to an improper authorization issue in the Oauth sign-in component resulting in unauthorized user login.
Gitlab Gitlab
Debian Debian Linux 9.0
534
VMScore
CVE-2020-13327
An issue has been discovered in GitLab Runner affecting all versions starting from 13.4.0 prior to 13.4.2, all versions starting from 13.3.0 prior to 13.3.7, all versions starting from 13.2.0 prior to 13.2.10. Insecure Runner Configuration in Kubernetes Environments
Gitlab Runner
490
VMScore
CVE-2019-15721
An issue exists in GitLab Community and Enterprise Edition 10.8 up to and including 12.2.1. An internal endpoint unintentionally allowed group maintainers to view and edit group runner settings.
Gitlab Gitlab
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-6267
XML injection
CVE-2024-37673
CVE-2024-6266
CVE-2024-30078
arbitrary
CVE-2024-36886
CVE-2024-5346
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »