Lucene search
K

15 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-5601

Malware in sbrugna...

4.9CVSS4.9AI score0.01183EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/22 3:52 p.m.10 views

CVE-2020-13344

An issue has been discovered in GitLab affecting all versions prior to 13.2.10, 13.3.7 and 13.4.2. Sessions keys are stored in plain-text in Redis which allows attacker with Redis access to authenticate as any user that has a session stored in Redis...

5.7CVSS6.2AI score0.00344EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/05/17 12:0 a.m.24 views

GitLab 8.11.0-rc6 < 13.2.10 / 13.3.0 < 13.3.7 / 13.4.0 < 13.4.2 (CVE-2020-13332)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...

6.5AI score
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/05/17 12:0 a.m.19 views

GitLab 12.4 < 13.2.10 / 13.3 < 13.3.7 / 13.4 < 13.4.2 (CVE-2020-13340)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab affecting all versions prior to 13.2.10, 13.3.7 and 13.4.2: Stored XSS in CI Job Log CVE-2020-13340 Note that Nessus has not tested for this issue but has instea...

8.7CVSS7.7AI score0.68639EPSS
Exploits0References4
CNVD
CNVD
added 2020/10/19 12:0 a.m.4 views

Unspecified Vulnerability in GitLab (CNVD-2020-63395)

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A security vulnerability exists in GitLab versions 13.4.2...

7.5CVSS6.8AI score0.00706EPSS
Exploits0References1
CNVD
CNVD
added 2020/10/15 12:0 a.m.3 views

GitLab Resource Management Error Vulnerability (CNVD-2020-63397)

GitLab is a Ruby on Rails developed, self-hosted, Git version control system project repository application from GitLab, Inc. The program can be used to access the project's file contents, commit history, bug list , etc. Git is a free, open source distributed version control system. A security...

4CVSS6.8AI score0.00881EPSS
Exploits0References1
OSV
OSV
added 2020/10/12 2:15 p.m.1 views

UBUNTU-CVE-2020-13341

An issue has been discovered in GitLab affecting all versions prior to 13.2.10, 13.3.7 and 13.4.2. Insufficient permission check allows attacker with developer role to perform various deletions...

4.9CVSS5.7AI score0.01183EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2020/10/12 12:0 a.m.5 views

PT-2020-13482 · Gitlab · Gitlab

Name of the Vulnerable Software and Affected Versions: GitLab versions prior to 13.2.10 GitLab versions prior to 13.3.7 GitLab versions prior to 13.4.2 Description: An issue has been discovered in GitLab where an insufficient permission check allows an attacker with a developer role to perform...

4.9CVSS4.7AI score0.01183EPSS
Exploits0References10
OSV
OSV
added 2020/10/08 2:15 p.m.6 views

UBUNTU-CVE-2020-13339

An issue has been discovered in GitLab affecting all versions before 13.2.10, 13.3.7 and 13.4.2: XSS in SVG File Preview. Overall impact is limited due to the current user only being impacted...

6.5CVSS6.5AI score0.00823EPSS
Exploits0References5
Cvelist
Cvelist
added 2020/10/08 1:46 p.m.30 views

CVE-2020-13340

An issue has been discovered in GitLab affecting all versions prior to 13.2.10, 13.3.7 and 13.4.2: Stored XSS in CI Job Log...

8.7CVSS8.1AI score0.68639EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2020/10/08 12:0 a.m.3 views

PT-2020-13481 · Gitlab · Gitlab

Name of the Vulnerable Software and Affected Versions: GitLab versions prior to 13.2.10 GitLab versions prior to 13.3.7 GitLab versions prior to 13.4.2 Description: A Stored XSS issue has been discovered in the CI Job Log of GitLab. Recommendations: For versions prior to 13.2.10, update to versio...

8.7CVSS8.2AI score0.68639EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2020/10/08 12:0 a.m.5 views

PT-2020-13485 · Gitlab · Gitlab

Name of the Vulnerable Software and Affected Versions: GitLab versions prior to 13.2.10 GitLab versions prior to 13.3.7 GitLab versions prior to 13.4.2 Description: An issue has been discovered in GitLab where session keys are stored in plain-text in Redis. This allows an attacker with Redis acce...

5.7CVSS4.6AI score0.00344EPSS
Exploits0References10
OSV
OSV
added 2020/10/07 2:15 p.m.25 views

CVE-2020-13346

Membership changes are not reflected in ToDo subscriptions in GitLab versions prior to 13.2.10, 13.3.7 and 13.4.2, allowing guest users to access confidential issues through API...

6.5CVSS6.4AI score0.01335EPSS
Exploits0References3
NCSC
NCSC
added 2020/10/07 12:0 a.m.29 views

Vulnerabilities fixed in GitLab

Several vulnerabilities have been fixed in GitLab. The vulnerabilities potentially allow a malicious person to launch attacks execute attacks that result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Remote code execution User Rights Access to sensitive da...

8.8CVSS7.2AI score0.02112EPSS
Exploits3
Positive Technologies
Positive Technologies
added 2020/10/07 12:0 a.m.7 views

PT-2020-13483 · Gitlab · Gitlab

Name of the Vulnerable Software and Affected Versions: GitLab versions prior to 13.2.10 GitLab versions prior to 13.3.7 GitLab versions prior to 13.4.2 Description: The issue is related to the lack of rate limiting when re-sending confirmation emails. Recommendations: For versions prior to 13.2.1...

4CVSS3.4AI score0.00881EPSS
Exploits0References9
Rows per page
Query Builder