228 matches found
CVE-2024-8186 vulnerabilities
Vulnerabilities for packages: gitlab-runner...
GHSA-RMHM-CWGP-268P vulnerabilities
Vulnerabilities for packages: gitlab-runner-fips...
GHSA-V84C-53C6-XMMP vulnerabilities
Vulnerabilities for packages: gitlab-runner-fips...
GHSA-R3MM-QXV5-X23H vulnerabilities
Vulnerabilities for packages: gitlab-runner-fips...
GHSA-F5R5-77WF-XX6H vulnerabilities
Vulnerabilities for packages: gitlab-runner-fips...
GHSA-G797-R4R7-WP94 vulnerabilities
Vulnerabilities for packages: gitlab-runner-fips...
GHSA-94XW-8RG2-4FMC vulnerabilities
Vulnerabilities for packages: gitlab-runner-fips...
GHSA-32CH-6X54-Q4H9 vulnerabilities
Vulnerabilities for packages: cue-fips, docker-credential-acr-env, kubebuilder, aws-load-balancer-controller, vertical-pod-autoscaler, vite, mongo-tools, dive, gcsfuse, volume-modifier-for-k8s, nri-prometheus, hubble-ui-backend-fips, bank-vaults-fips, k8ssandra-operator-fips, caddy, nri-mysql,...
CVE-2020-13347
A command injection vulnerability was discovered in Gitlab runner versions prior to 13.2.4, 13.3.2 and 13.4.1. When the runner is configured on a Windows system with a docker executor, which allows the attacker to run arbitrary commands on Windows host, via DOCKERAUTHCONFIG build variable...
CVE-2024-8237 vulnerabilities
Vulnerabilities for packages: gitlab-runner-fips...
CVE-2024-8114 vulnerabilities
Vulnerabilities for packages: gitlab-runner-fips...
CVE-2024-8177 vulnerabilities
Vulnerabilities for packages: gitlab-runner-fips...
CVE-2024-11828 vulnerabilities
Vulnerabilities for packages: gitlab-runner-fips...
CVE-2024-11668 vulnerabilities
Vulnerabilities for packages: gitlab-runner-fips...
CVE-2024-11669 vulnerabilities
Vulnerabilities for packages: gitlab-runner-fips...
CVE-2024-35255 vulnerabilities
Vulnerabilities for packages: restic, sops, trivy, zot, argo-workflows, druid, rekor, sqlpad, cortex, tempo, buildkitd, opentelemetry-collector-contrib, terragrunt, datadog-agent, guac, spire-server, rclone, step, kubescape, opentelemetry-collector, sigstore-scaffolding, fulcio, k8sgpt, pulumi,...
UBUNTU-CVE-2024-2874
An issue has been discovered in GitLab CE/EE affecting all versions before 16.10.6, version 16.11 before 16.11.3, and 17.0 before 17.0.1. A runner registered with a crafted description has the potential to disrupt the loading of targeted GitLab web resources...
GitLab 1.0 < 13.1.3 / 13.2 < 13.2.3 / 13.3 < 13.3.1 (CVE-2020-13310)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - A vulnerability was discovered in GitLab runner versions before 13.1.3, 13.2.3 and 13.3.1. It was possible to make the gitlab-runner process crash by sending malformed queries, resulting in a denial o...
BIT-GITLAB-2020-13347
A command injection vulnerability was discovered in Gitlab runner versions prior to 13.2.4, 13.3.2 and 13.4.1. When the runner is configured on a Windows system with a docker executor, which allows the attacker to run arbitrary commands on Windows host, via DOCKERAUTHCONFIG build variable...
BIT-GITLAB-2021-39939
An uncontrolled resource consumption vulnerability in GitLab Runner affecting all versions starting from 13.7 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2, allows an attacker triggering a job with a specially crafted docker image to...