Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
freebsdFreeBSDE8483115-8B8E-11EA-BDCF-001B217B3468
HistoryApr 30, 2020 - 12:00 a.m.

Gitlab -- Multiple Vulnerabilities

2020-04-3000:00:00
vuxml.freebsd.org
65

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.081 Low

EPSS

Percentile

94.2%

JSON

Gitlab reports:

Path Traversal in NuGet Package Registry
Workhorse Bypass Leads to File Disclosure
OAuth Application Client Secrets Revealed
Code Owners Approval Rules Are Not Updated for Existing Merge Requests When Source Branch Changes
Code Owners Protection Not Enforced from Web UI
Repository Mirror Passwords Exposed To Maintainers
Admin Audit Log Page Denial of Service
Private Project ID Revealed Through Group API
Elasticsearch Credentials Logged to ELK
GitHub Personal Access Token Exposed on Integrations Page
Update Nokogiri dependency
Update OpenSSL Dependency
Update git

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchgitlab-ce= 12.10.0UNKNOWN
FreeBSDanynoarchgitlab-ce< 12.10.2UNKNOWN

Related

nessus 55
osv 14
veracode 4
cve 5
github 3
prion 5
ubuntucve 5
debiancve 5
hackerone 1
apple 2
redhat 6
openvas 35
ubuntu 2
debian 4
photon 2
oraclelinux 2
altlinux 2
centos 1
freebsd 2
cloudfoundry 2
redhatcve 3
cbl_mariner 1
f5 2
suse 2
openssl 1
alpinelinux 3
ibm 5
freebsd_advisory 1
checkpoint_advisories 1
archlinux 3
mscve 1
githubexploit 1
rustsec 1
huawei 1
rubygems 1
attackerkb 1
fedora 6
redos 1
gentoo 2
slackware 1
ics 1
amazon 2
mageia 1
nessus
nessus
FreeBSD : Gitlab -- Multiple Vulnerabilities (e8483115-8b8e-11ea-bdcf-001b217b3468)
2020-05-04 00:00:00
Ubuntu 16.04 LTS / 18.04 LTS : Git vulnerability (USN-4334-1)
2020-04-22 00:00:00
Debian DLA-2182-1 : git security update
2020-04-24 00:00:00
osv
osv
Exposure of Sensitive Information to an Unauthorized Actor in Doorkeeper
2020-05-07 21:11:07
CVE-2020-10187
2020-05-04 14:15:13
CVE-2020-12448
2020-05-07 17:15:11
veracode
veracode
Information Disclosure
2020-05-04 09:21:16
Information Disclosure
2020-04-30 02:23:55
Denial Of Service (DoS)
2020-01-22 13:00:16
cve
cve
CVE-2020-10187
2020-05-04 14:15:00
CVE-2020-12448
2020-05-07 17:15:00
CVE-2020-7595
2020-01-21 23:15:00
github
github
Exposure of Sensitive Information to an Unauthorized Actor in Doorkeeper
2020-05-07 21:11:07
libxml as used in Nokogiri has an infinite loop in a certain end-of-file situation
2020-02-24 19:12:36
Null pointer deference in openssl-src
2021-08-25 20:45:15
prion
prion
Information disclosure
2020-05-04 14:15:00
Information disclosure
2020-05-07 17:15:00
Design/Logic Flaw
2020-01-21 23:15:00
ubuntucve
ubuntucve
CVE-2020-10187
2020-05-04 00:00:00
CVE-2020-12448
2020-05-07 00:00:00
CVE-2020-7595
2020-01-21 00:00:00
debiancve
debiancve
CVE-2020-12448
2020-05-07 17:15:00
CVE-2020-10187
2020-05-04 14:15:00
CVE-2020-7595
2020-01-21 23:15:00
hackerone
hackerone
GitLab: Path traversal in Nuget Package Registry
2020-03-17 15:51:58
apple
apple
About the security content of Xcode 11.5 - Apple Support
2020-05-20 05:26:39
About the security content of Xcode 11.5
2020-05-20 00:00:00
redhat
redhat
(RHSA-2020:1978) Important: git security update
2020-04-30 09:12:15
(RHSA-2020:1980) Important: git security update
2020-04-30 09:14:07
(RHSA-2020:1979) Important: git security update
2020-04-30 09:14:06
openvas
openvas
CentOS: Security Advisory for emacs-git (CESA-2020:2337)
2020-06-02 00:00:00
Debian: Security Advisory (DSA-4659-1)
2020-04-21 00:00:00
Debian: Security Advisory (DLA-2182-1)
2020-04-24 00:00:00
ubuntu
ubuntu
Git vulnerability
2020-04-21 00:00:00
libxml2 vulnerabilities
2020-02-10 00:00:00
debian
debian
[SECURITY] [DLA 2182-1] git security update
2020-04-24 00:38:59
[SECURITY] [DSA 4659-1] git security update
2020-04-20 18:50:32
[SECURITY] [DSA 4659-1] git security update
2020-04-20 18:50:32
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-2.0-0243
2020-05-14 00:00:00
Important Photon OS Security Update - PHSA-2020-0243
2020-05-14 00:00:00
oraclelinux
oraclelinux
git security update
2020-05-29 00:00:00
git security update
2020-05-07 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package git version 2.25.4-alt1
2020-04-21 00:00:00
Security fix for the ALT Linux 10 package git version 2.25.4-alt1
2020-04-19 00:00:00
centos
centos
emacs, git, gitk, gitweb, perl security update
2020-06-01 17:28:40
freebsd
freebsd
malicious URLs can cause git to send a stored credential to wrong server
2020-04-20 00:00:00
OpenSSL remote denial of service vulnerability
2020-04-21 00:00:00
cloudfoundry
cloudfoundry
USN-4334-1: Git vulnerability | Cloud Foundry
2020-05-14 00:00:00
USN-4274-1: libxml2 vulnerabilities | Cloud Foundry
2020-02-20 00:00:00
redhatcve
redhatcve
CVE-2020-11008
2020-04-21 01:34:03
CVE-2020-7595
2020-02-06 19:14:18
CVE-2020-1967
2020-04-21 13:33:41
cbl_mariner
cbl_mariner
CVE-2020-7595 affecting package libxml2 2.9.10-4
2020-10-08 18:09:52
f5
f5
K04460334 : libxml2 2.9.10 vulnerability CVE-2020-7595
2021-04-16 00:00:00
K01251345 : OpenSSL vulnerability CVE-2020-1967
2020-04-23 00:00:00
suse
suse
Security update for rust, rust-cbindgen (moderate)
2020-07-06 00:00:00
Security update for rust, rust-cbindgen (moderate)
2020-07-07 00:00:00
openssl
openssl
Vulnerability in OpenSSL CVE-2020-1967
2020-04-21 00:00:00
alpinelinux
alpinelinux
CVE-2020-7595
2020-01-21 23:15:00
CVE-2020-1967
2020-04-21 14:15:00
CVE-2020-11008
2020-04-21 19:15:00
ibm
ibm
Security Bulletin: OpenSSL for IBM i is affected by CVE-2020-1967
2020-06-19 14:58:12
Security Bulletin: Denial Of Service vulnerability in OpenSSL affects IBM Safer Payments (CVE-2020-1967)
2023-04-24 13:10:12
Security Bulletin: OpenSSL disclosed vulnerability affects MessageGatweay (CVE-2020-1967)
2020-04-30 17:09:17
freebsd_advisory
freebsd_advisory
FreeBSD-SA-20:11.openssl
2020-04-21 00:00:00
checkpoint_advisories
checkpoint_advisories
OpenSSL TLS NULL Pointer Dereference Denial of Service (CVE-2020-1967)
2020-06-02 00:00:00
archlinux
archlinux
[ASA-202004-18] openssl: denial of service
2020-04-21 00:00:00
[ASA-202004-19] lib32-openssl: denial of service
2020-04-22 00:00:00
[ASA-202004-21] git: information disclosure
2020-04-22 00:00:00
mscve
mscve
OpenSSL Remote Denial of Service Vulnerability
2020-04-21 07:00:00
githubexploit
githubexploit
Exploit for NULL Pointer Dereference in Openssl
2020-04-28 21:15:35
rustsec
rustsec
Crash causing Denial of Service attack
2020-04-25 12:00:00
huawei
huawei
Security Advisory - Denial of Service Vulnerability in OpenSSL
2020-07-15 00:00:00
rubygems
rubygems
libxml2 2.9.10 has an infinite loop in a certain end-of-file situation
2020-02-11 21:00:00
attackerkb
attackerkb
CVE-2020-5260
2020-04-14 00:00:00
fedora
fedora
[SECURITY] Fedora 30 Update: git-2.21.3-1.fc30
2020-05-01 04:54:13
[SECURITY] Fedora 32 Update: git-2.26.2-1.fc32
2020-04-27 02:46:35
[SECURITY] Fedora 31 Update: git-2.25.4-1.fc31
2020-04-26 02:50:14
redos
redos
ROS-2-640
2021-09-08 00:00:00
gentoo
gentoo
Git: Information disclosure
2020-04-23 00:00:00
libxml2: Multiple vulnerabilities
2020-10-20 00:00:00
slackware
slackware
[slackware-security] git
2020-04-22 03:14:47
ics
ics
Siemens SINEMA Remote Connect Server
2021-04-13 12:00:00
amazon
amazon
Important: git
2020-07-28 17:23:00
Important: git
2020-05-05 01:11:00
mageia
mageia
Updated libxml2_2 packages fix security vulnerabilities
2020-02-25 00:44:46

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.081 Low

EPSS

Percentile

94.2%

JSON
Related for E8483115-8B8E-11EA-BDCF-001B217B3468
nessus55osv14veracode4cve5github3prion5ubuntucve5debiancve5hackerone1apple2redhat6openvas35ubuntu2debian4photon2oraclelinux2altlinux2centos1freebsd2cloudfoundry2redhatcve3cbl_mariner1f52suse2openssl1alpinelinux3ibm5freebsd_advisory1checkpoint_advisories1archlinux3mscve1githubexploit1rustsec1huawei1rubygems1attackerkb1fedora6redos1gentoo2slackware1ics1amazon2mageia1