Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
freebsdFreeBSD0A305431-BC98-11EA-A051-001B217B3468
HistoryJul 01, 2020 - 12:00 a.m.

Gitlab -- Multiple Vulnerabilities

2020-07-0100:00:00
vuxml.freebsd.org
25

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.027 Low

EPSS

Percentile

90.4%

JSON

Gitlab reports:

Missing Permission Check on Time Tracking
Cross-Site Scripting in PyPi Files API
Insecure Authorization Check on Private Project Security Dashboard
Cross-Site Scripting in References
Cross-Site Scripting in Group Names
Cross-Site Scripting in Blob Viewer
Cross-Site Scripting in Error Tracking
Insecure Authorisation Check on Creation and Deletion of Deploy Tokens
User Name Format Restiction Bypass
Denial of Service in Issue Comments
Cross-Site Scripting in Wiki Pages
Private Merge Request Updates Leaked via Todos
Private User Activity Leaked via API
Cross-Site Scripting in Bitbucket Import Feature
Github Project Restriction Bypass
Update PCRE Dependency
Update Kaminari Gem
Cross-Site Scripting in User Profile
Update Xterm.js

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchgitlab-ce= 13.1.0UNKNOWN
FreeBSDanynoarchgitlab-ce< 13.1.2UNKNOWN

Related

nessus 31
veracode 3
debian 2
osv 11
openvas 18
freebsd 1
ubuntucve 3
github 2
prion 3
cve 3
debiancve 3
ibm 15
alpinelinux 1
cbl_mariner 1
redhatcve 2
f5 1
redhat 31
suse 2
oraclelinux 1
rocky 1
almalinux 1
cloudfoundry 1
ubuntu 1
photon 6
rosalinux 1
talosblog 1
apple 4
tenable 1
oracle 2
nessus
nessus
FreeBSD : Gitlab -- Multiple Vulnerabilities (0a305431-bc98-11ea-a051-001b217b3468)
2020-07-06 00:00:00
Debian DLA-2763-1 : ruby-kaminari - LTS security update
2021-09-22 00:00:00
Debian DSA-5005-1 : ruby-kaminari - security update
2021-11-12 00:00:00
veracode
veracode
Cross-site Scripting (XSS)
2020-05-29 01:18:40
Integer Overflow
2020-12-10 16:18:29
Remote Code Execution (RCE)
2019-01-10 01:36:04
debian
debian
[SECURITY] [DSA 5005-1] ruby-kaminari security update
2021-11-10 21:26:09
[SECURITY] [DLA 2763-1] ruby-kaminari security update
2021-09-22 15:39:40
osv
osv
CVE-2020-11082
2020-05-28 21:15:11
Cross-Site Scripting in Kaminari
2020-05-28 21:10:11
ruby-kaminari - security update
2021-09-22 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-2763-1)
2021-09-23 00:00:00
Debian: Security Advisory (DSA-5005-1)
2021-11-14 00:00:00
Huawei EulerOS: Security Advisory for pcre (EulerOS-SA-2021-2156)
2021-07-07 00:00:00
freebsd
freebsd
kaminari -- potential XSS vulnerability
2020-04-22 00:00:00
ubuntucve
ubuntucve
CVE-2020-11082
2020-05-28 00:00:00
CVE-2020-14155
2020-06-15 00:00:00
CVE-2019-0542
2019-01-09 00:00:00
github
github
Cross-Site Scripting in Kaminari
2020-05-28 21:10:11
xterm vulnerable to remote code execution
2019-01-14 16:19:55
prion
prion
Code injection
2020-05-28 21:15:00
Integer overflow
2020-06-15 17:15:00
Remote code execution
2019-01-09 15:29:00
cve
cve
CVE-2020-11082
2020-05-28 21:15:00
CVE-2020-14155
2020-06-15 17:15:00
CVE-2019-0542
2019-01-09 15:29:00
debiancve
debiancve
CVE-2020-11082
2020-05-28 21:15:00
CVE-2020-14155
2020-06-15 17:15:00
CVE-2019-0542
2019-01-09 15:29:00
ibm
ibm
Security Bulletin: A security vulnerability has been identified in PCRE, which is a required product for IBM Tivoli Network Manager IP Edition (CVE-2020-14155)
2021-01-04 10:16:09
Security Bulletin: WMLCE: libpcre in PCRE before 8.44 allows an integer overflow
2020-07-17 23:02:18
Security Bulletin: Vulnerability in PCRE affects IBM Netezza SQL Extensions Toolkit
2021-01-04 14:36:49
alpinelinux
alpinelinux
CVE-2020-14155
2020-06-15 17:15:00
cbl_mariner
cbl_mariner
CVE-2020-14155 affecting package pcre 8.42-4
2020-11-30 19:30:42
redhatcve
redhatcve
CVE-2020-14155
2020-06-18 11:25:08
CVE-2019-0542
2020-04-07 17:01:16
f5
f5
K02219239 : PCRE vulnerability CVE-2020-14155
2020-08-04 00:00:00
redhat
redhat
(RHSA-2019:1422) Moderate: OpenShift Container Platform 3.11 atomic-openshift-web-console security update
2019-06-10 16:44:08
(RHSA-2019:2552) Moderate: OpenShift Container Platform 3.10 atomic-openshift-web-console security update
2019-08-22 01:40:04
(RHSA-2019:2551) Moderate: OpenShift Container Platform 3.9 atomic-openshift-web-console security update
2019-09-05 04:57:16
suse
suse
Security update for pcre (moderate)
2021-10-27 00:00:00
Security update for pcre (moderate)
2021-11-02 00:00:00
oraclelinux
oraclelinux
pcre security update
2021-11-16 00:00:00
rocky
rocky
pcre security update
2021-11-09 09:12:45
almalinux
almalinux
Low: pcre security update
2021-11-09 09:12:45
cloudfoundry
cloudfoundry
USN-5425-1: PCRE vulnerabilities | Cloud Foundry
2022-07-29 00:00:00
ubuntu
ubuntu
PCRE vulnerabilities
2022-05-17 00:00:00
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-2.0-0256
2020-06-27 00:00:00
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-1.0-0305
2020-06-30 00:00:00
Important Photon OS Security Update - PHSA-2020-0305
2020-06-25 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1947
2021-07-02 17:40:57
talosblog
talosblog
Microsoft Patch Tuesday — January 2019: Vulnerability disclosures and Snort coverage
2019-01-08 11:40:00
apple
apple
About the security content of macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave - Apple Support
2021-02-18 06:14:03
About the security content of macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave
2021-02-01 00:00:00
About the security content of macOS Big Sur 11.0.1 - Apple Support
2021-02-18 06:14:03
tenable
tenable
[R1] Nessus Network Monitor 6.2.2 Fixes Multiple Vulnerabilities
2023-06-29 10:45:47
oracle
oracle
Oracle Critical Patch Update Advisory - October 2022
2022-10-18 00:00:00
Oracle Critical Patch Update Advisory - April 2022
2022-04-19 00:00:00

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.027 Low

EPSS

Percentile

90.4%

JSON
Related for 0A305431-BC98-11EA-A051-001B217B3468
nessus31veracode3debian2osv11openvas18freebsd1ubuntucve3github2prion3cve3debiancve3ibm15alpinelinux1cbl_mariner1redhatcve2f51redhat31suse2oraclelinux1rocky1almalinux1cloudfoundry1ubuntu1photon6rosalinux1talosblog1apple4tenable1oracle2