Lucene search
K

228 matches found

Positive Technologies
Positive Technologies
added 2021/12/13 12:0 a.m.10 views

PT-2021-22778 · Gitlab · Gitlab Runner +1

Name of the Vulnerable Software and Affected Versions: GitLab Runner versions 13.7 through 14.3.6 GitLab Runner versions 14.4 through 14.4.4 GitLab Runner versions 14.5 through 14.5.2 Description: An uncontrolled resource consumption issue in GitLab Runner allows an attacker to trigger a job with...

6.5CVSS6.1AI score0.00907EPSS
Exploits0References10
NCSC
NCSC
added 2021/12/13 12:0 a.m.11 views

Vulnerabilities fixed in GitLab Runner

Vulnerabilities have been fixed in GitLab Runner. A authenticated malicious party could potentially exploit them to cause a denial-of-service or to gain access to system data. GitLab developers have released updates to address the vulnerabilities in GitLab Runner 14.3.4, 14.4.2 and 14.5.2. For mo...

7.5CVSS9.2AI score0.01857EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2021/08/23 12:0 a.m.4 views

PT-2021-7235 · Gitlab · Gitlab Runner +1

Name of the Vulnerable Software and Affected Versions: GitLab Runner versions up to 14.3.4 GitLab Runner versions 14.4 to 14.4.2 GitLab Runner versions 14.5 to 14.5.2 Description: The issue is related to information disclosure in GitLab Runner. In specific circumstances, trace file buffers would...

7.8CVSS6.9AI score0.00794EPSS
Exploits0References12
OSV
OSV
added 2020/10/22 9:15 p.m.2 views

CVE-2020-13327

An issue has been discovered in GitLab Runner affecting all versions starting from 13.4.0 before 13.4.2, all versions starting from 13.3.0 before 13.3.7, all versions starting from 13.2.0 before 13.2.10. Insecure Runner Configuration in Kubernetes Environments...

7.5CVSS7AI score0.00706EPSS
Exploits0References2
Prion
Prion
added 2020/10/22 9:15 p.m.18 views

Design/Logic Flaw

An issue has been discovered in GitLab Runner affecting all versions starting from 13.4.0 before 13.4.2, all versions starting from 13.3.0 before 13.3.7, all versions starting from 13.2.0 before 13.2.10. Insecure Runner Configuration in Kubernetes Environments...

6CVSS7.3AI score0.00706EPSS
Exploits0References2Affected Software1
UbuntuCve
UbuntuCve
added 2020/10/22 9:15 p.m.26 views

CVE-2020-13327

An issue has been discovered in GitLab Runner affecting all versions starting from 13.4.0 before 13.4.2, all versions starting from 13.3.0 before 13.3.7, all versions starting from 13.2.0 before 13.2.10. Insecure Runner Configuration in Kubernetes Environments...

7.5CVSS6.9AI score0.00706EPSS
Exploits0References1
OSV
OSV
added 2020/10/22 9:15 p.m.2 views

UBUNTU-CVE-2020-13327

An issue has been discovered in GitLab Runner affecting all versions starting from 13.4.0 before 13.4.2, all versions starting from 13.3.0 before 13.3.7, all versions starting from 13.2.0 before 13.2.10. Insecure Runner Configuration in Kubernetes Environments...

7.5CVSS7AI score0.00706EPSS
Exploits0References2
Cvelist
Cvelist
added 2020/10/22 8:5 p.m.22 views

CVE-2020-13327

An issue has been discovered in GitLab Runner affecting all versions starting from 13.4.0 before 13.4.2, all versions starting from 13.3.0 before 13.3.7, all versions starting from 13.2.0 before 13.2.10. Insecure Runner Configuration in Kubernetes Environments...

6CVSS7.3AI score0.00706EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2020/10/22 8:5 p.m.29 views

CVE-2020-13327

Removed by vendor...

7.5CVSS7.4AI score0.00706EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2020/10/22 12:0 a.m.2 views

PT-2020-13468 · Gitlab · Gitlab Runner +1

Name of the Vulnerable Software and Affected Versions: GitLab Runner versions 13.2.0 through 13.2.9 GitLab Runner versions 13.3.0 through 13.3.6 GitLab Runner versions 13.4.0 through 13.4.1 Description: An issue has been discovered in GitLab Runner related to Insecure Runner Configuration in...

7.5CVSS7.2AI score0.00706EPSS
Exploits0References8
OSV
OSV
added 2020/10/07 2:15 p.m.31 views

CVE-2020-13347

A command injection vulnerability was discovered in Gitlab runner versions prior to 13.2.4, 13.3.2 and 13.4.1. When the runner is configured on a Windows system with a docker executor, which allows the attacker to run arbitrary commands on Windows host, via DOCKERAUTHCONFIG build variable...

9.1CVSS7.5AI score0.02282EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2020/10/07 2:15 p.m.25 views

CVE-2020-13347

A command injection vulnerability was discovered in Gitlab runner versions prior to 13.2.4, 13.3.2 and 13.4.1. When the runner is configured on a Windows system with a docker executor, which allows the attacker to run arbitrary commands on Windows host, via DOCKERAUTHCONFIG build variable...

9.1CVSS7.2AI score0.02282EPSS
Exploits0References4
OSV
OSV
added 2020/10/07 2:15 p.m.2 views

UBUNTU-CVE-2020-13347

A command injection vulnerability was discovered in Gitlab runner versions prior to 13.2.4, 13.3.2 and 13.4.1. When the runner is configured on a Windows system with a docker executor, which allows the attacker to run arbitrary commands on Windows host, via DOCKERAUTHCONFIG build variable...

9.1CVSS7.4AI score0.02282EPSS
Exploits0References5
CVE
CVE
added 2020/10/07 1:14 p.m.69 views

CVE-2020-13347

CVE-2020-13347 affects GitLab Runner on Windows when using the Docker executor. The vulnerability is a command injection in the runner prior to versions 13.2.4, 13.3.2 and 13.4.1, exploitable via the DOCKER_AUTH_CONFIG build variable, allowing an attacker to execute arbitrary commands on the Wind...

9.1CVSS9.4AI score0.02282EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2020/10/07 12:0 a.m.5 views

PT-2020-13488 · Gitlab · Gitlab Runner +1

Name of the Vulnerable Software and Affected Versions: Gitlab runner versions prior to 13.2.4 Gitlab runner versions prior to 13.3.2 Gitlab runner versions prior to 13.4.1 Description: A command injection issue was discovered. When the runner is configured on a Windows system with a docker...

9.1CVSS9.5AI score0.02282EPSS
Exploits0References10
OSV
OSV
added 2020/09/14 10:15 p.m.4 views

UBUNTU-CVE-2020-13310

A vulnerability was discovered in GitLab runner versions before 13.1.3, 13.2.3 and 13.3.1. It was possible to make the gitlab-runner process crash by sending malformed queries, resulting in a denial of service...

6.5CVSS5.8AI score0.01652EPSS
Exploits0References3
Cvelist
Cvelist
added 2020/09/14 9:33 p.m.23 views

CVE-2020-13310

A vulnerability was discovered in GitLab runner versions before 13.1.3, 13.2.3 and 13.3.1. It was possible to make the gitlab-runner process crash by sending malformed queries, resulting in a denial of service...

6.5CVSS6.3AI score0.01652EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2020/09/14 12:0 a.m.3 views

PT-2020-13451 · Gitlab · Gitlab Runner +1

Name of the Vulnerable Software and Affected Versions: GitLab runner versions prior to 13.1.3 GitLab runner versions prior to 13.2.3 GitLab runner versions prior to 13.3.1 Description: A denial of service issue was discovered, allowing the gitlab-runner process to crash by sending malformed...

6.5CVSS6.2AI score0.01652EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2020/09/04 12:0 a.m.47 views

FreeBSD : Gitlab -- multiple vulnerabilities (1fb13175-ed52-11ea-8b93-001b217b3468)

Gitlab reports : Vendor Cross-Account Assume-Role Attack Stored XSS on the Vulnerability Page Outdated Job Token Can Be Reused to Access Unauthorized Resources File Disclosure Via Workhorse File Upload Bypass Unauthorized Maintainer Can Edit Group Badge Denial of Service Within Wiki Functionality...

10CVSS6.8AI score0.99019EPSS
Exploits7References27
CNVD
CNVD
added 2020/08/12 12:0 a.m.3 views

GitLab Runner Code Issue Vulnerability

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A code issue vulnerability exists in GitLab Runner versio...

8.8CVSS7.3AI score0.01158EPSS
Exploits0References1
Rows per page
Query Builder