Lucene search
K

27 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2022-1175

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper neutralization of user input in GitLab CE/EE versions 14.4 before 14.7.7, all versions starting from 14.8 before 14.8.5, all versions starting from 14....

8.7CVSS7.2AI score0.82003EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2025/08/26 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2022-1099

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Adding a very large number of tags to a runner in GitLab CE/EE affecting all versions prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 allows an...

4.3CVSS5AI score0.00861EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 11:29 p.m.3 views

CVE-2022-1099

Adding a very large number of tags to a runner in GitLab CE/EE affecting all versions prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 allows an attacker to impact the performance of GitLab...

4.3CVSS6.8AI score0.00861EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/01/02 12:0 a.m.27 views

GitLab < 14.7.7 (CVE-2022-1099)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Adding a very large number of tags to a runner in GitLab CE/EE affecting all versions prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 allows an attacker to impact the performance of...

4.3CVSS5.2AI score0.00861EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/04/11 12:0 a.m.4 views

PT-2022-13706 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 10.7 through 14.7.7 GitLab CE/EE versions 10.8 through 14.8.5 GitLab CE/EE versions 10.9 through 14.9.2 Description: Improper access control in GitLab CE/EE allows a malicious actor to obtain details of the latest commit...

4.3CVSS4.1AI score0.00931EPSS
Exploits1References12
OpenVAS
OpenVAS
added 2022/04/05 12:0 a.m.23 views

GitLab < 14.7.7, 14.8.x < 14.8.5, 14.9.x < 14.9.2 Multiple Vulnerabilities

GitLab is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:gitlab:gitlab"; if description...

6.5CVSS5.8AI score0.0104EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2022/04/05 12:0 a.m.12 views

GitLab 12.1.x < 14.7.7, 14.8.x < 14.8.5, 14.9.x < 14.9.2 SSRF Vulnerability

GitLab is prone to a server-side request forgery SSRF vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

5.3CVSS5.6AI score0.01012EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2022/04/05 12:0 a.m.20 views

GitLab 14.4.x < 14.7.7, 14.8.x < 14.8.5, 14.9.x < 14.9.2 XSS Vulnerability

GitLab is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:gitlab:gitlab"; if...

8.7CVSS7.2AI score0.82003EPSS
Exploits3References1
OpenVAS
OpenVAS
added 2022/04/05 12:0 a.m.16 views

GitLab 13.11.x < 14.7.7, 14.8.x < 14.8.5, 14.9.x < 14.9.2 Access Control Vulnerability

GitLab is prone to an access control vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:gitlab:gitlab"; if descriptio...

4.3CVSS4.8AI score0.00729EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2022/04/05 12:0 a.m.17 views

GitLab 11.5.x < 14.7.7, 14.8.x < 14.8.5, 14.9.x < 14.9.2 Access Token Reuse Vulnerability

GitLab is prone to an access token reuse vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:gitlab:gitlab"; if...

6.5CVSS6.5AI score0.01129EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2022/04/05 12:0 a.m.21 views

GitLab 8.3.x < 14.7.7, 14.8.x < 14.8.5, 14.9.x < 14.9.2 XSS Vulnerability

GitLab is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:gitlab:gitlab"; if...

8.7CVSS5.6AI score0.87369EPSS
Exploits0References1
NVD
NVD
added 2022/04/04 8:15 p.m.11 views

CVE-2022-1188

An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.1 before 14.7.7, all versions starting from 14.8 before 14.8.5, all versions starting from 14.9 before 14.9.2 where a blind SSRF attack through the repository mirroring feature was possible...

5.3CVSS0.01012EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2022/04/04 8:15 p.m.4 views

CVE-2022-1121

A lack of appropriate timeouts in GitLab Pages included in GitLab CE/EE all versions prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 allows an attacker to cause unlimited resource consumption...

5.3CVSS5.9AI score0.0104EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/04/04 8:15 p.m.7 views

CVE-2022-1111

A business logic error in Project Import in GitLab CE/EE versions 14.9 prior to 14.9.2, 14.8 prior to 14.8.5, and 14.0 prior to 14.7.7 under certain conditions caused imported projects to show an incorrect user in the 'Access Granted' column in the project membership pages...

3.5CVSS5.3AI score0.00609EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2022/04/04 8:15 p.m.17 views

CVE-2022-1099

Adding a very large number of tags to a runner in GitLab CE/EE affecting all versions prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 allows an attacker to impact the performance of GitLab...

4.3CVSS0.00861EPSS
Exploits0References2
Prion
Prion
added 2022/04/04 8:15 p.m.15 views

Input validation

A potential DOS vulnerability was discovered in GitLab CE/EE affecting all versions from 13.1 prior to 14.7.7, 14.8.0 prior to 14.8.5, and 14.9.0 prior to 14.9.2. The api to update an asset as a link from a release had a regex check which caused exponential number of backtracks for certain user...

4CVSS4.5AI score0.00886EPSS
Exploits0References2Affected Software1
UbuntuCve
UbuntuCve
added 2022/04/04 8:15 p.m.35 views

CVE-2022-1099

Adding a very large number of tags to a runner in GitLab CE/EE affecting all versions prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 allows an attacker to impact the performance of GitLab...

4.3CVSS5.9AI score0.00861EPSS
Exploits0References3
OSV
OSV
added 2022/04/04 8:15 p.m.1 views

UBUNTU-CVE-2022-1120

Missing filtering in an error message in GitLab CE/EE affecting all versions prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 exposed sensitive information when an include directive fails in the CI/CD configuration...

6.5CVSS5.8AI score0.00987EPSS
Exploits0References5
OSV
OSV
added 2022/04/04 8:15 p.m.6 views

UBUNTU-CVE-2022-1190

Improper handling of user input in GitLab CE/EE versions 8.3 prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 allowed an attacker to exploit a stored XSS by abusing multi-word milestone references in issue descriptions, comments, etc...

8.7CVSS7AI score0.87369EPSS
Exploits0References5
OSV
OSV
added 2022/04/04 8:15 p.m.1 views

UBUNTU-CVE-2022-1121

A lack of appropriate timeouts in GitLab Pages included in GitLab CE/EE all versions prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 allows an attacker to cause unlimited resource consumption...

5.3CVSS5.8AI score0.0104EPSS
Exploits0References4
Rows per page
Query Builder