GitLab CE and EE Denial of Service Vulnerabilities

GitLab is a set of open source applications developed using Ruby on Rails to implement a self-hosted Git version control system project repository, which has similar functionality to Github for accessing the contents of a project's files, commit history, bug lists, and more. A denial-of-service...

GitLab CE and EE Cross-Site Request Forgery Vulnerability

GitLab is a set of Ruby on Rails development of open source applications , can be realized as a self-hosted Git version control system project repository , which has a similar function to Github , you can check the project's file content , the history of commits , the list of bugs , etc. System...

GitLab CE and EE Cross-Site Scripting Vulnerability (CNVD-2019-06641)

GitLab is a set of open source applications developed using Ruby on Rails to implement a self-hosted Git version control system project repository, which has similar functionality to Github for accessing the contents of a project's files, commit history, bug lists, and more. A cross-site scriptin...

CVE-2018-8801

GitLab Community and Enterprise Editions version 8.3 up to 10.x before 10.3 are vulnerable to SSRF in the Services and webhooks component...

UBUNTU-CVE-2018-9243

GitLab Community and Enterprise Editions version 8.4 up to 10.4 are vulnerable to XSS because a lack of input validation in the merge request component leads to cross site scripting specifically, filenames in changes tabs of merge requests. This is fixed in 10.6.3, 10.5.7, and 10.4.7...

GitLab Auth0 integration configuration vulnerability

GitLab is a set of open source applications developed using Ruby on Rails to implement a self-hosted Git version control system project repository, which has similar functionality to Github for accessing the contents of a project's files, commit history, bug lists, and more. A security...

Gitlab project import component remote code execution vulnerability

GitLab is a set of open source applications developed using Ruby on Rails to implement a self-hosted Git version control system project repository , which has similar features to Github , you can access the project's file content , commit history , bug lists , etc. GitLab Community Edition CE is...

Gitlab labels component cross-site scripting vulnerability

GitLab is a set of open source applications developed using Ruby on Rails to implement a self-hosted Git version control system project repository , which has features similar to Github , you can access the project's file content , commit history , bug lists , etc. GitLab Community Edition CE is...

Gitlab Projects::BoardsController component authorization bypass vulnerability

GitLab is a set of open source applications developed using Ruby on Rails , you can implement a self-hosted Git version control system project repository , it has similar features to Github , you can access the project's file content , commit history , bug lists , etc. Gitlab Enterprise Edition E...

GitLab SSL Certificate Validation Vulnerability

GitLab is a set of open source applications developed using Ruby on Rails to implement a self-hosted Git version control system project repository, which has similar functionality to Github for accessing the contents of a project's files, commit history, bug lists, and more. A security...

GitLab Cross-Site Scripting Vulnerability

GitLab is a set of open source applications developed using Ruby on Rails to implement a self-hosted Git version control system project repository, which has similar functionality to Github for accessing the contents of a project's files, commit history, bug lists, and more. A cross-site scriptin...

CVE-2017-8778

GitLab before 8.14.9, 8.15.x before 8.15.6, and 8.16.x before 8.16.5 has XSS via a SCRIPT element in an issue attachment or avatar that is an SVG document...

GitLab Design Vulnerabilities

GitLab is a set of open source applications developed using Ruby on Rails to implement a self-hosted Git version control system project repository, which has similar functionality to Github for accessing a project's file contents, commit history, bug lists, and more. There is a security...

GitLab Directory Traversal Vulnerability

GitLab is a set of open source applications developed using Ruby on Rails to implement a self-hosted Git version control system project repository. GitLab suffers from a directory traversal vulnerability due to the program failing to properly check for symbolic links in user-supplied documents. A...

GitLab Impersonate Feature Elevation of Privilege Vulnerability

GitLab is a set of open source applications developed using Ruby on Rails to implement a self-hosted Git version control system project repository, which has similar functionality to Github for accessing the contents of a project's files, commit history, bug lists, and more. An elevation of...