106 matches found

CNVD
added 2020/02/11 12:0 a.m. · 2 views

GitLab EE Insecure Privilege Vulnerability (CNVD-2020-14342)

GitLab is an open source application developed using Ruby on Rails that implements a self-hosted Git project repository that can be accessed through a web interface for public and private projects. GitLab EE is GitLab Enterprise Edition. GitLab EE 12.2 suffers from an insecure privilege...

CVSS 7.5 · AI score 7 · EPSS 0.009
Exploits 0 · References 1
Positive Technologies
added 2020/02/05 12:0 a.m. · 1 views

PT-2020-19888 · Gitlab · Gitlab

Name of the Vulnerable Software and Affected Versions: GitLab versions prior to 12.7.3. Description: The issue allows for cross-site scripting (XSS), which is a type of attack where an attacker can inject malicious scripts into a website. Recommendations: For versions prior to 12.7.3, update to...

CVSS 6.1 · AI score 5.9 · EPSS 0.00883
Exploits 0 · References 7
NVD
added 2020/01/28 3:15 a.m. · 18 views

CVE-2019-15586

An XSS exists in Gitlab CE/EE 12.1.10 in the Mermaid plugin...

CVSS 6.1 · AI score 5.9 · EPSS 0.00763
Exploits 0 · References 2
CNVD
added 2019/09/03 12:0 a.m. · 3 views

Unspecified Vulnerability in GitLab (CNVD-2019-30487)

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A security vulnerability exists in GitLab Enterprise and...

CVSS 7.5 · AI score 6.4 · EPSS 0.0173
Exploits 0 · References 1
Hacker One
added 2019/08/09 1:54 p.m. · 42 views

GitLab: Uncontrolled Resource Consumption in any Markdown field using Mermaid

Summary I found a bypass for the mitigation of DoS via Mermaid CVE-2019-9220. As the mitigation for CVE-2019-9220, the input limit of 5000 characters is currently applied to a Mermaid code block, but it can be bypassed by simply splitting the longer payload to many code blocks. Steps to reproduce...

CVSS 5 · AI score 6.9 · EPSS 0.02776
Exploits 2
CNVD
added 2018/03/22 12:0 a.m. · 4 views

Gitlab GitlabProjectsImportService Remote Code Execution Vulnerability

GitLab is a set of open source applications developed using Ruby on Rails to implement a self-hosted Git version control system project repository, which has similar functionality to GitHub, with access to a project's file contents, commit history, bug lists, etc. The GitLab Community Edition (CE) ...

CVSS 9.8 · AI score 7.1 · EPSS 0.05705
Exploits 0 · References 1