30 matches found
CLEANSTART-2026-AX77726 vulnerability was found in PAM
Multiple security vulnerabilities affect the gitlab-shell-fips package. A vulnerability was found in PAM. See references for individual vulnerability details...
CVE-2021-22254
Under very specific conditions a user could be impersonated using Gitlab shell. This vulnerability affects GitLab CE/EE 13.1 and later through 14.1.2, 14.0.7 and 13.12.9...
EUVD-2021-9323
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2021-22177
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Potential DoS was identified in gitlab-shell in GitLab CE/EE version 12.6.0 or above, which allows an attacker to spike the server resource utilization via...
CVE-2021-22177
Potential DoS was identified in gitlab-shell in GitLab CE/EE version 12.6.0 or above, which allows an attacker to spike the server resource utilization via gitlab-shell command...
GHSA-V6V8-XJ6M-XWQH vulnerabilities
Vulnerabilities for packages: fulcio, aactl, bank-vaults, external-dns, gh, gitsign, flux-notification-controller, neuvector-sigstore-interface, kubescape, flux-source-controller, scorecard, grafana-mimir, policy-controller, slsa-verifier, opentelemetry-collector, flux-helm-controller,...
CVE-2024-6104 vulnerabilities
Vulnerabilities for packages: fulcio, aactl, bank-vaults, external-dns, gh, gitsign, flux-notification-controller, neuvector-sigstore-interface, kubescape, flux-source-controller, scorecard, grafana-mimir, policy-controller, slsa-verifier, opentelemetry-collector, flux-helm-controller,...
BIT-GITLAB-2021-22177
Potential DoS was identified in gitlab-shell in GitLab CE/EE version 12.6.0 or above, which allows an attacker to spike the server resource utilization via gitlab-shell command...
CVE-2023-39325 vulnerabilities
Vulnerabilities for packages: crossplane-provider-aws, dex-k8s-authenticator, stakater-reloader, nfs-subdir-external-provisioner, kots, vault-k8s, gitness, haproxy-ingress, kubernetes-csi-external-provisioner, flux, sigstore-scaffolding, kpt, amass, kubernetes-dashboard, ollama,...
GHSA-QPPJ-FM5R-HXR3 vulnerabilities
Vulnerabilities for packages: aactl, src, dgraph, kubescape, secrets-store-csi-driver, hugo, nginx-stable, minio, cortex, pulumi-language-dotnet, flux-kustomize-controller, wireguard-go, gobuster, nri-prometheus, buildkitd, ip-masq-agent, newrelic-infrastructure-agent, terraform-provider-azurerm,...
UBUNTU-CVE-2021-22254
Under very specific conditions a user could be impersonated using Gitlab shell. This vulnerability affects GitLab CE/EE 13.1 and later through 14.1.2, 14.0.7 and 13.12.9...
GitLab 安全漏洞
GitLab is a self-hosted, Git version control system project repository application developed in Ruby on Rails by GitLab, Inc. The application can be used to access a project's file content, commit history, bug list, etc. A security vulnerability exists in Gitlab, which stems from the product's la...
CVE-2021-22177
Potential DoS was identified in gitlab-shell in GitLab CE/EE version 12.6.0 or above, which allows an attacker to spike the server resource utilization via gitlab-shell command...
CVE-2021-22177
Potential DoS was identified in gitlab-shell in GitLab CE/EE version 12.6.0 or above, which allows an attacker to spike the server resource utilization via gitlab-shell command...
UBUNTU-CVE-2021-22177
Potential DoS was identified in gitlab-shell in GitLab CE/EE version 12.6.0 or above, which allows an attacker to spike the server resource utilization via gitlab-shell command...
CVE-2021-22177
Summary of CVE-2021-22177 (GitLab/gitlab-shell DoS) Affected software: GitLab Community Edition and Enterprise Edition (GitLab CE/EE) with gitlab-shell, version 12.6.0 or newer. Root cause and vulnerability: A potential DoS vulnerability in gitlab-shell allows an attacker to spike server resource...
CVE-2021-22177
Removed by vendor...
GitLab 资源管理错误漏洞
GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. GitLab has a security vulnerability in versions after...
PT-2021-14889 · Gitlab · Gitlab Ce/Ee +2
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 12.6.0 and above Description: A potential Denial of Service DoS issue was identified in gitlab-shell, allowing an attacker to increase server resource utilization via the gitlab-shell command. Recommendations: For GitLab...
GitLab: Stored-XSS on wiki pages
Hello, A Stored-XSS is existing on Wiki pages. It is caused by recent change in show.html.hamlL10 ruby ... "".htmlsafe ... authorurl is defined by committed email in wikipageversion.rb: ruby delegate :message, :sha, :id, :authorname, :authoremail, :authoreddate, to: :commit def authorurl user =...