Gitlab Community Edition And Gitlab Enterprise Edition 8.7.0 Through 8.15.7, 8.16.0 Through 8.16.7, 8.17.0 Through 8.17.3 Security Vulnerabilities
CVE-2023-39325 vulnerabilities
Vulnerabilities for packages: bom, gitlab-pages, prometheus-operator, yq, runc, hey, vertical-pod-autoscaler, bank-vaults, tekton-chains, kubernetes-dns-node-cache, hugo, kubewatch, gke-gcloud-auth-plugin, chartmuseum, nats, wireguard-go, nri-prometheus, stakater-reloader, cluster-autoscaler,...
7.5CVSS
8.4AI Score
0.002EPSS
GHSA-3Q2C-PVP5-3CQP vulnerabilities
Vulnerabilities for packages: bom, yq, prometheus-operator, actions-runner-controller, kube-bench, runc, hey, aws-flb-kinesis, aws-flb-cloudwatch, vertical-pod-autoscaler, aws-flb-firehose, kubernetes-dns-node-cache, cass-operator, docker-credential-acr-env, nri-f5, kubewatch, gitlab-logger,...
7.5AI Score
CVE-2024-26308 vulnerabilities
Vulnerabilities for packages: wavefront-proxy, dependency-track, gradle, neo4j, jenkins, opensearch, trino,...
5.5CVSS
7AI Score
0.001EPSS
7.5AI Score
7.5AI Score
6.7AI Score
0.0004EPSS
7.5AI Score
GHSA-FGQ5-Q76C-GX78 vulnerabilities
Vulnerabilities for packages: bom, yq, prometheus-operator, actions-runner-controller, kube-bench, runc, hey, aws-flb-kinesis, aws-flb-cloudwatch, vertical-pod-autoscaler, aws-flb-firehose, kubernetes-dns-node-cache, cass-operator, docker-credential-acr-env, nri-f5, kubewatch, gitlab-logger,...
7.5AI Score
GHSA-J6M3-GC37-6R6Q vulnerabilities
Vulnerabilities for packages: bom, yq, prometheus-operator, actions-runner-controller, kube-bench, runc, hey, aws-flb-kinesis, aws-flb-cloudwatch, vertical-pod-autoscaler, aws-flb-firehose, kubernetes-dns-node-cache, cass-operator, docker-credential-acr-env, nri-f5, kubewatch, gitlab-logger,...
7.5AI Score
CVE-2024-24785 vulnerabilities
Vulnerabilities for packages: bom, yq, prometheus-operator, actions-runner-controller, kube-bench, runc, hey, aws-flb-kinesis, aws-flb-cloudwatch, vertical-pod-autoscaler, aws-flb-firehose, kubernetes-dns-node-cache, cass-operator, docker-credential-acr-env, nri-f5, kubewatch, gitlab-logger,...
7.8AI Score
0.0004EPSS
GHSA-32CH-6X54-Q4H9 vulnerabilities
Vulnerabilities for packages: bom, yq, prometheus-operator, actions-runner-controller, kube-bench, runc, hey, aws-flb-kinesis, aws-flb-cloudwatch, vertical-pod-autoscaler, aws-flb-firehose, kubernetes-dns-node-cache, cass-operator, docker-credential-acr-env, nri-f5, kubewatch, gitlab-logger,...
7.5AI Score
GHSA-4G9R-VXHX-9PGX vulnerabilities
Vulnerabilities for packages: wavefront-proxy, dependency-track, gradle, neo4j, jenkins, opensearch, trino,...
7.5AI Score
5.3CVSS
5.5AI Score
0.001EPSS
6.7AI Score
EPSS
6.7AI Score
0.0004EPSS
GHSA-49GW-VXVF-FC2G vulnerabilities
Vulnerabilities for packages: gitlab-pages, yq, tekton-chains, aws-flb-firehose, cass-operator, kubewatch, stern, gke-gcloud-auth-plugin, kargo, nri-prometheus, timestamp-authority, local-static-provisioner, wire-go, cilium-cli, kubernetes-csi-external-attacher, task, wave, paranoia,...
7.5AI Score
CVE-2023-39326 vulnerabilities
Vulnerabilities for packages: aactl, sonobuoy, gosu, hey, gobuster, k3d, aws-flb-kinesis, aws-flb-cloudwatch, vertical-pod-autoscaler, ctop, docker-cli, aws-flb-firehose, cass-operator, gitlab-logger, gke-gcloud-auth-plugin, oras, protoc-gen-go-grpc, kind, nats, falco, dgraph, mage, petname,...
5.3CVSS
7.2AI Score
0.001EPSS
GHSA-5F94-VHJQ-RPG8 vulnerabilities
Vulnerabilities for packages: aactl, sonobuoy, gosu, hey, gobuster, k3d, aws-flb-kinesis, aws-flb-cloudwatch, vertical-pod-autoscaler, ctop, docker-cli, aws-flb-firehose, cass-operator, gitlab-logger, gke-gcloud-auth-plugin, oras, protoc-gen-go-grpc, kind, nats, falco, dgraph, mage, petname,...
7.5AI Score
GHSA-9F76-WG39-X86H vulnerabilities
Vulnerabilities for packages: aactl, sonobuoy, gosu, hey, gobuster, k3d, aws-flb-kinesis, aws-flb-cloudwatch, vertical-pod-autoscaler, ctop, docker-cli, aws-flb-firehose, cass-operator, gitlab-logger, gke-gcloud-auth-plugin, oras, protoc-gen-go-grpc, kind, nats, falco, dgraph, mage, petname,...
7.5AI Score
GHSA-45X7-PX36-X8W8 vulnerabilities
Vulnerabilities for packages: bom, gitlab-pages, actions-runner-controller, bank-vaults, tekton-chains, docker-credential-acr-env, hugo, kubewatch, nats, wireguard-go, cluster-autoscaler, dynamic-localpv-provisioner, apko, tigera-operator, tekton-pipelines, prometheus-mysqld-exporter, cilium-cli,.....
7.5AI Score
GHSA-2WRH-6PVC-2JM9 vulnerabilities
Vulnerabilities for packages: bom, gitlab-pages, prometheus-operator, yq, runc, hey, vertical-pod-autoscaler, bank-vaults, hugo, kubewatch, gke-gcloud-auth-plugin, chartmuseum, wireguard-go, nri-prometheus, stakater-reloader, cluster-autoscaler, dynamic-localpv-provisioner, apko,...
7.5AI Score
GHSA-4374-P667-P6C8 vulnerabilities
Vulnerabilities for packages: bom, gitlab-pages, prometheus-operator, yq, runc, hey, vertical-pod-autoscaler, bank-vaults, tekton-chains, kubernetes-dns-node-cache, hugo, kubewatch, gke-gcloud-auth-plugin, chartmuseum, nats, wireguard-go, nri-prometheus, stakater-reloader, cluster-autoscaler,...
7.5AI Score
GHSA-M425-MQ94-257G vulnerabilities
Vulnerabilities for packages: aactl, gitlab-pages, buildkitd, src, oauth2-proxy, terraform-provider-aws, mc, k3d, terraform, prometheus-blackbox-exporter, flux-kustomize-controller, keda, nvidia-device-plugin, influxd, ko, calico, external-dns, minio, up, pulumi-language-dotnet,...
7.5AI Score
GHSA-QPPJ-FM5R-HXR3 vulnerabilities
Vulnerabilities for packages: bom, gitlab-pages, hey, hugo, kubewatch, gke-gcloud-auth-plugin, nats, wireguard-go, nri-prometheus, stakater-reloader, cluster-autoscaler, dynamic-localpv-provisioner, cilium-envoy, kubernetes-csi-external-attacher, pulumi, secrets-store-csi-driver,...
7.5AI Score
CVE-2024-24783 vulnerabilities
Vulnerabilities for packages: bom, yq, prometheus-operator, actions-runner-controller, kube-bench, runc, hey, aws-flb-kinesis, aws-flb-cloudwatch, vertical-pod-autoscaler, aws-flb-firehose, kubernetes-dns-node-cache, cass-operator, docker-credential-acr-env, nri-f5, kubewatch, gitlab-logger,...
7.8AI Score
0.0004EPSS
GHSA-XW73-RW38-6VJC vulnerabilities
Vulnerabilities for packages: aactl, bom, buildkitd, gitsign, zot, skopeo, ctop, cri-tools, loki, tekton-chains, traefik, policy-controller, eksctl, k3s, up, falcoctl, kargo, flux-helm-controller, falco, telegraf, k8sgpt, filebeat, crane, istio-pilot-agent, kubeflow-katib, tekton-pipelines, helm,.....
7.5AI Score
CVE-2023-45290 vulnerabilities
Vulnerabilities for packages: bom, yq, prometheus-operator, actions-runner-controller, kube-bench, runc, hey, aws-flb-kinesis, aws-flb-cloudwatch, vertical-pod-autoscaler, aws-flb-firehose, kubernetes-dns-node-cache, cass-operator, docker-credential-acr-env, nri-f5, kubewatch, gitlab-logger,...
6AI Score
0.0004EPSS
5.5CVSS
5.6AI Score
0.0004EPSS
7.8AI Score
0.0004EPSS
7.5AI Score
CVE-2024-24788 vulnerabilities
Vulnerabilities for packages: bom, gitlab-pages, kube-bench, runc, hey, vertical-pod-autoscaler, bank-vaults, crossplane-provider-gcp, tekton-chains, kubernetes-dns-node-cache, docker-credential-acr-env, gobump, kubewatch, stern, gke-gcloud-auth-plugin, chartmuseum, wireguard-go, ipfs,...
6.5AI Score
0.0004EPSS
GHSA-236W-P7WF-5PH8 vulnerabilities
Vulnerabilities for packages: gitlab-pages, yq, tekton-chains, aws-flb-firehose, cass-operator, kubewatch, stern, gke-gcloud-auth-plugin, kargo, nri-prometheus, timestamp-authority, local-static-provisioner, wire-go, cilium-cli, kubernetes-csi-external-attacher, task, wave, paranoia,...
7.5AI Score
thepost.hu Cross Site Scripting vulnerability OBB-3939554
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
stad-en-groen.nl Cross Site Scripting vulnerability OBB-3939551
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
tattootribes.com Cross Site Scripting vulnerability OBB-3939552
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
seplite.com Cross Site Scripting vulnerability OBB-3939549
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
platform-l.org Cross Site Scripting vulnerability OBB-3939546
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
planet3studios.com Cross Site Scripting vulnerability OBB-3939545
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
pabodie.com Cross Site Scripting vulnerability OBB-3939543
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
naifei666.com Cross Site Scripting vulnerability OBB-3939541
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
marketingofamerica.com Cross Site Scripting vulnerability OBB-3939539
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
ludinantes.fr Cross Site Scripting vulnerability OBB-3939537
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
kino-aibling.de Cross Site Scripting vulnerability OBB-3939534
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
korarti.no Cross Site Scripting vulnerability OBB-3939535
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
hrmvideo.com Cross Site Scripting vulnerability OBB-3939531
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
friends2dance.net Cross Site Scripting vulnerability OBB-3939528
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
franky.com.my Cross Site Scripting vulnerability OBB-3939527
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
elleapartments.com Cross Site Scripting vulnerability OBB-3939523
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
endeavorhall.org Cross Site Scripting vulnerability OBB-3939524
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
drawtite-hitches.com Cross Site Scripting vulnerability OBB-3939520
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score