30 matches found
CLEANSTART-2026-AX77726 vulnerability was found in PAM
Multiple security vulnerabilities affect the gitlab-shell-fips package. A vulnerability was found in PAM. See references for individual vulnerability details...
CVE-2021-22254
Under very specific conditions a user could be impersonated using Gitlab shell. This vulnerability affects GitLab CE/EE 13.1 and later through 14.1.2, 14.0.7 and 13.12.9...
EUVD-2021-9323
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2021-22177
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Potential DoS was identified in gitlab-shell in GitLab CE/EE version 12.6.0 or above, which allows an attacker to spike the server resource utilization via...
CVE-2021-22177
Potential DoS was identified in gitlab-shell in GitLab CE/EE version 12.6.0 or above, which allows an attacker to spike the server resource utilization via gitlab-shell command...
GHSA-V6V8-XJ6M-XWQH vulnerabilities
Vulnerabilities for packages: goreleaser, scorecard, fulcio, terraform, slsa-verifier, zot, gitsign, gh, crossplane-provider-family-azure, k3d, kubescape, zarf, pulumi-kubernetes-operator, argo-events, tekton-chains, rabbitmq-messaging-topology-operator, crossplane-provider-azure-storage, kubevel...
CVE-2024-6104 vulnerabilities
Vulnerabilities for packages: goreleaser, scorecard, fulcio, terraform, slsa-verifier, zot, gitsign, gh, crossplane-provider-family-azure, k3d, kubescape, zarf, pulumi-kubernetes-operator, argo-events, tekton-chains, rabbitmq-messaging-topology-operator, crossplane-provider-azure-storage, kubevel...
BIT-GITLAB-2021-22177
Potential DoS was identified in gitlab-shell in GitLab CE/EE version 12.6.0 or above, which allows an attacker to spike the server resource utilization via gitlab-shell command...
CVE-2023-39325 vulnerabilities
Vulnerabilities for packages: prometheus-stackdriver-exporter, nodetaint, pulumi, falcoctl, prometheus-adapter, smarter-device-manager-fips, runc, prometheus-postgres-exporter, kots, cue, buildkitd, gke-gcloud-auth-plugin, falco, prometheus-node-exporter, flux-image-automation-controller, up,...
GHSA-QPPJ-FM5R-HXR3 vulnerabilities
Vulnerabilities for packages: newrelic-infrastructure-agent, mc, pulumi-language-dotnet, kubescape, rqlite, pulumi-kubernetes-operator, kubevela, gke-gcloud-auth-plugin, conftest, cosign, oauth2-proxy, prometheus-blackbox-exporter, sigstore-scaffolding, cortex, flux-helm-controller,...
UBUNTU-CVE-2021-22254
Under very specific conditions a user could be impersonated using Gitlab shell. This vulnerability affects GitLab CE/EE 13.1 and later through 14.1.2, 14.0.7 and 13.12.9...
GitLab Security Vulnerability
GitLab is a self-hosted, Git version control system project repository application developed in Ruby on Rails by GitLab, Inc. The application can be used to access a project's file content, commit history, bug list, etc. A security vulnerability exists in Gitlab, which stems from the product's la...
CVE-2021-22177
Potential DoS was identified in gitlab-shell in GitLab CE/EE version 12.6.0 or above, which allows an attacker to spike the server resource utilization via gitlab-shell command...
CVE-2021-22177
Potential DoS was identified in gitlab-shell in GitLab CE/EE version 12.6.0 or above, which allows an attacker to spike the server resource utilization via gitlab-shell command...
UBUNTU-CVE-2021-22177
Potential DoS was identified in gitlab-shell in GitLab CE/EE version 12.6.0 or above, which allows an attacker to spike the server resource utilization via gitlab-shell command...
CVE-2021-22177
Summary of CVE-2021-22177 (GitLab/gitlab-shell DoS) Affected software: GitLab Community Edition and Enterprise Edition (GitLab CE/EE) with gitlab-shell, version 12.6.0 or newer. Root cause and vulnerability: A potential DoS vulnerability in gitlab-shell allows an attacker to spike server resource...
CVE-2021-22177
Removed by vendor...
GitLab Resource Management Error Vulnerability
GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. GitLab has a security vulnerability in versions after...
PT-2021-14889 · Gitlab · Gitlab Ce/Ee +2
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 12.6.0 and above Description: A potential Denial of Service (DoS) issue was identified in gitlab-shell, allowing an attacker to increase server resource utilization via the gitlab-shell command. Recommendations: For GitLab...
GitLab: Stored-XSS on wiki pages
Hello, A Stored-XSS exists on Wiki pages. It is caused by a recent change in show.html.hamlL10 ruby ... "".htmlsafe ... authorurl is defined by committed email in wikipageversion.rb: ruby delegate :message, :sha, :id, :authorname, :authoremail, :authoreddate, to: :commit def authorurl user =...