228 matches found
PT-2021-22778 · Gitlab · Gitlab Runner +1
Name of the Vulnerable Software and Affected Versions: GitLab Runner versions 13.7 through 14.3.6 GitLab Runner versions 14.4 through 14.4.4 GitLab Runner versions 14.5 through 14.5.2 Description: An uncontrolled resource consumption issue in GitLab Runner allows an attacker to trigger a job with...
Vulnerabilities fixed in GitLab Runner
Vulnerabilities have been fixed in GitLab Runner. A authenticated malicious party could potentially exploit them to cause a denial-of-service or to gain access to system data. GitLab developers have released updates to address the vulnerabilities in GitLab Runner 14.3.4, 14.4.2 and 14.5.2. For mo...
PT-2021-7235 · Gitlab · Gitlab Runner +1
Name of the Vulnerable Software and Affected Versions: GitLab Runner versions up to 14.3.4 GitLab Runner versions 14.4 to 14.4.2 GitLab Runner versions 14.5 to 14.5.2 Description: The issue is related to information disclosure in GitLab Runner. In specific circumstances, trace file buffers would...
CVE-2020-13327
An issue has been discovered in GitLab Runner affecting all versions starting from 13.4.0 before 13.4.2, all versions starting from 13.3.0 before 13.3.7, all versions starting from 13.2.0 before 13.2.10. Insecure Runner Configuration in Kubernetes Environments...
Design/Logic Flaw
An issue has been discovered in GitLab Runner affecting all versions starting from 13.4.0 before 13.4.2, all versions starting from 13.3.0 before 13.3.7, all versions starting from 13.2.0 before 13.2.10. Insecure Runner Configuration in Kubernetes Environments...
CVE-2020-13327
An issue has been discovered in GitLab Runner affecting all versions starting from 13.4.0 before 13.4.2, all versions starting from 13.3.0 before 13.3.7, all versions starting from 13.2.0 before 13.2.10. Insecure Runner Configuration in Kubernetes Environments...
UBUNTU-CVE-2020-13327
An issue has been discovered in GitLab Runner affecting all versions starting from 13.4.0 before 13.4.2, all versions starting from 13.3.0 before 13.3.7, all versions starting from 13.2.0 before 13.2.10. Insecure Runner Configuration in Kubernetes Environments...
CVE-2020-13327
An issue has been discovered in GitLab Runner affecting all versions starting from 13.4.0 before 13.4.2, all versions starting from 13.3.0 before 13.3.7, all versions starting from 13.2.0 before 13.2.10. Insecure Runner Configuration in Kubernetes Environments...
CVE-2020-13327
Removed by vendor...
PT-2020-13468 · Gitlab · Gitlab Runner +1
Name of the Vulnerable Software and Affected Versions: GitLab Runner versions 13.2.0 through 13.2.9 GitLab Runner versions 13.3.0 through 13.3.6 GitLab Runner versions 13.4.0 through 13.4.1 Description: An issue has been discovered in GitLab Runner related to Insecure Runner Configuration in...
CVE-2020-13347
A command injection vulnerability was discovered in Gitlab runner versions prior to 13.2.4, 13.3.2 and 13.4.1. When the runner is configured on a Windows system with a docker executor, which allows the attacker to run arbitrary commands on Windows host, via DOCKERAUTHCONFIG build variable...
CVE-2020-13347
A command injection vulnerability was discovered in Gitlab runner versions prior to 13.2.4, 13.3.2 and 13.4.1. When the runner is configured on a Windows system with a docker executor, which allows the attacker to run arbitrary commands on Windows host, via DOCKERAUTHCONFIG build variable...
UBUNTU-CVE-2020-13347
A command injection vulnerability was discovered in Gitlab runner versions prior to 13.2.4, 13.3.2 and 13.4.1. When the runner is configured on a Windows system with a docker executor, which allows the attacker to run arbitrary commands on Windows host, via DOCKERAUTHCONFIG build variable...
CVE-2020-13347
CVE-2020-13347 affects GitLab Runner on Windows when using the Docker executor. The vulnerability is a command injection in the runner prior to versions 13.2.4, 13.3.2 and 13.4.1, exploitable via the DOCKER_AUTH_CONFIG build variable, allowing an attacker to execute arbitrary commands on the Wind...
PT-2020-13488 · Gitlab · Gitlab Runner +1
Name of the Vulnerable Software and Affected Versions: Gitlab runner versions prior to 13.2.4 Gitlab runner versions prior to 13.3.2 Gitlab runner versions prior to 13.4.1 Description: A command injection issue was discovered. When the runner is configured on a Windows system with a docker...
UBUNTU-CVE-2020-13310
A vulnerability was discovered in GitLab runner versions before 13.1.3, 13.2.3 and 13.3.1. It was possible to make the gitlab-runner process crash by sending malformed queries, resulting in a denial of service...
CVE-2020-13310
A vulnerability was discovered in GitLab runner versions before 13.1.3, 13.2.3 and 13.3.1. It was possible to make the gitlab-runner process crash by sending malformed queries, resulting in a denial of service...
PT-2020-13451 · Gitlab · Gitlab Runner +1
Name of the Vulnerable Software and Affected Versions: GitLab runner versions prior to 13.1.3 GitLab runner versions prior to 13.2.3 GitLab runner versions prior to 13.3.1 Description: A denial of service issue was discovered, allowing the gitlab-runner process to crash by sending malformed...
FreeBSD : Gitlab -- multiple vulnerabilities (1fb13175-ed52-11ea-8b93-001b217b3468)
Gitlab reports : Vendor Cross-Account Assume-Role Attack Stored XSS on the Vulnerability Page Outdated Job Token Can Be Reused to Access Unauthorized Resources File Disclosure Via Workhorse File Upload Bypass Unauthorized Maintainer Can Edit Group Badge Denial of Service Within Wiki Functionality...
GitLab Runner Code Issue Vulnerability
GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A code issue vulnerability exists in GitLab Runner versio...