CLEANSTART-2026-AX77726 vulnerability was found in PAM
Multiple security vulnerabilities affect the gitlab-shell-fips package. A vulnerability was found in PAM. See references for individual vulnerability details...
CVE-2021-22254
Under very specific conditions a user could be impersonated using Gitlab shell. This vulnerability affects GitLab CE/EE 13.1 and later through 14.1.2, 14.0.7 and 13.12.9...
EUVD-2021-9323
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2021-22177
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Potential DoS was identified in gitlab-shell in GitLab CE/EE version 12.6.0 or above, which allows an attacker to spike the server resource utilization via...
CVE-2021-22177
Potential DoS was identified in gitlab-shell in GitLab CE/EE version 12.6.0 or above, which allows an attacker to spike the server resource utilization via gitlab-shell command...
GHSA-V6V8-XJ6M-XWQH vulnerabilities
Vulnerabilities for packages: tkn, zarf, crossplane-provider-azure-managedidentity, actions-runner-controller, timestamp-authority, zot, bank-vaults, opentelemetry-collector-contrib, scorecard, slsa-verifier, external-dns, tekton-chains, gitsign, k3s, flux, terragrunt, flux-kustomize-controller,...
CVE-2024-6104 vulnerabilities
Vulnerabilities for packages: tkn, zarf, crossplane-provider-azure-managedidentity, actions-runner-controller, timestamp-authority, zot, bank-vaults, opentelemetry-collector-contrib, scorecard, slsa-verifier, external-dns, tekton-chains, gitsign, k3s, flux, terragrunt, flux-kustomize-controller,...
BIT-GITLAB-2021-22177
Potential DoS was identified in gitlab-shell in GitLab CE/EE version 12.6.0 or above, which allows an attacker to spike the server resource utilization via gitlab-shell command...
CVE-2023-39325 vulnerabilities
Vulnerabilities for packages: aws-efs-csi-driver, kube-logging-logging-operator, atlantis-fips, node-problem-detector, prometheus-postgres-exporter, pulumi-language-yaml, kubernetes-dns-node-cache, terraform-provider-sendgrid, prometheus-mongodb-exporter, caddy, prometheus-operator,...
GHSA-QPPJ-FM5R-HXR3 vulnerabilities
Vulnerabilities for packages: hey, stakater-reloader, scorecard, hugo, slsa-verifier, wireguard-go, cosign, kubewatch, dgraph, prometheus-adapter, gitness, atlantis, fuse-overlayfs-snapshotter, nri-prometheus, kubevela, haproxy-ingress, nginx-mainline, memcached-exporter, secrets-store-csi-driver...
UBUNTU-CVE-2021-22254
Under very specific conditions a user could be impersonated using Gitlab shell. This vulnerability affects GitLab CE/EE 13.1 and later through 14.1.2, 14.0.7 and 13.12.9...
GitLab Security Vulnerability
GitLab is a self-hosted, Git version control system project repository application developed in Ruby on Rails by GitLab, Inc. The application can be used to access a project's file content, commit history, bug list, etc. A security vulnerability exists in Gitlab, which stems from the product's la...
CVE-2021-22177
Potential DoS was identified in gitlab-shell in GitLab CE/EE version 12.6.0 or above, which allows an attacker to spike the server resource utilization via gitlab-shell command...
CVE-2021-22177
Potential DoS was identified in gitlab-shell in GitLab CE/EE version 12.6.0 or above, which allows an attacker to spike the server resource utilization via gitlab-shell command...
UBUNTU-CVE-2021-22177
Potential DoS was identified in gitlab-shell in GitLab CE/EE version 12.6.0 or above, which allows an attacker to spike the server resource utilization via gitlab-shell command...
CVE-2021-22177
Summary of CVE-2021-22177 (GitLab/gitlab-shell DoS) Affected software: GitLab Community Edition and Enterprise Edition (GitLab CE/EE) with gitlab-shell, version 12.6.0 or newer. Root cause and vulnerability: A potential DoS vulnerability in gitlab-shell allows an attacker to spike server resource...
CVE-2021-22177
Removed by vendor...
GitLab Resource Management Error Vulnerability
GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. GitLab has a security vulnerability in versions after...
PT-2021-14889 · Gitlab · Gitlab Ce/Ee +2
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 12.6.0 and above. Description: A potential Denial of Service (DoS) issue was identified in gitlab-shell, allowing an attacker to increase server resource utilization via the gitlab-shell command. Recommendations: For GitLab...
GitLab: Stored-XSS on wiki pages
Hello, A Stored-XSS exists on Wiki pages. It is caused by a recent change in show.html.hamlL10 ruby ... "".htmlsafe ... authorurl is defined by committed email in wikipageversion.rb: ruby delegate :message, :sha, :id, :authorname, :authoremail, :authoreddate, to: :commit def authorurl user =...