Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3125 matches found

NVD
NVDadded 2021/07/07 12:15 p.m.18 views

CVE-2021-22224

A cross-site request forgery vulnerability in the GraphQL API in GitLab since version 13.12 and before versions 13.12.6 and 14.0.2 allowed an attacker to call mutations as the victim...

7.1CVSS0.00893EPSS
Exploits0References3
OSV
OSVadded 2021/07/07 12:15 p.m.18 views

CVE-2021-22224

A cross-site request forgery vulnerability in the GraphQL API in GitLab since version 13.12 and before versions 13.12.6 and 14.0.2 allowed an attacker to call mutations as the victim...

6.5CVSS6.3AI score0.00893EPSS
Exploits0References3
UbuntuCve
UbuntuCveadded 2021/07/07 12:15 p.m.22 views

CVE-2021-22224

A cross-site request forgery vulnerability in the GraphQL API in GitLab since version 13.12 and before versions 13.12.6 and 14.0.2 allowed an attacker to call mutations as the victim...

7.1CVSS6.7AI score0.00893EPSS
Exploits0References4
Prion
Prionadded 2021/07/07 12:15 p.m.17 views

Cross site request forgery (csrf)

A cross-site request forgery vulnerability in the GraphQL API in GitLab since version 13.12 and before versions 13.12.6 and 14.0.2 allowed an attacker to call mutations as the victim...

4.3CVSS6.3AI score0.00893EPSS
Exploits0References3Affected Software1
OSV
OSVadded 2021/07/07 12:15 p.m.1 views

UBUNTU-CVE-2021-22224

A cross-site request forgery vulnerability in the GraphQL API in GitLab since version 13.12 and before versions 13.12.6 and 14.0.2 allowed an attacker to call mutations as the victim...

7.1CVSS5.7AI score0.00893EPSS
Exploits0References5
Cvelist
Cvelistadded 2021/07/07 11:26 a.m.20 views

CVE-2021-22224

A cross-site request forgery vulnerability in the GraphQL API in GitLab since version 13.12 and before versions 13.12.6 and 14.0.2 allowed an attacker to call mutations as the victim...

7.1CVSS6.8AI score0.00893EPSS
Exploits0References3
CVE
CVEadded 2021/07/07 11:26 a.m.68 views

CVE-2021-22224

CVE-2021-22224 concerns a cross-site request forgery in GitLab’s GraphQL API. The provided materials specify that since version 13.12 and before versions 13.12.6 and 14.0.2, an attacker could “call mutations as the victim,” implying CSRF on authenticated users. The connected documents confirm aff...

7.1CVSS6.2AI score0.00893EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVEadded 2021/07/07 11:26 a.m.29 views

CVE-2021-22224

Removed by vendor...

7.1CVSS6.8AI score0.00893EPSS
Exploits0
CNVD
CNVDadded 2021/07/07 12:0 a.m.13 views

GitLab Access Control Error Vulnerability (CNVD-2021-49038)

GitLab is an open source application developed using Ruby on Rails that implements a self-hosted Git project repository that can be accessed through a web interface for public and private projects. An access control error vulnerability exists in GitLab. An attacker can exploit this vulnerability ...

6.5CVSS6.4AI score0.0135EPSS
Exploits1References1
CNVD
CNVDadded 2021/07/07 12:0 a.m.10 views

GitLab Cross-Site Request Forgery Vulnerability (CNVD-2021-49073)

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A cross-site request forgery vulnerability exists in Gitl...

7.1CVSS6.8AI score0.00893EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2021/07/07 12:0 a.m.3 views

PT-2021-6757 · Gitlab · Gitlab

Name of the Vulnerable Software and Affected Versions: GitLab versions 13.12 through 13.12.5 GitLab versions 14.0.0 through 14.0.1 Description: A cross-site request forgery issue in the GraphQL API allows an attacker to call mutations as the victim. The vulnerability is related to the lack of...

7.1CVSS6.4AI score0.00893EPSS
Exploits0References13
OSV
OSVadded 2021/07/06 10:15 p.m.18 views

CVE-2021-22228

An issue has been discovered in GitLab affecting all versions before 13.11.6, all versions starting from 13.12 before 13.12.6, and all versions starting from 14.0 before 14.0.2. Improper access control allows unauthorised users to access project details using Graphql...

6.5CVSS6.4AI score0.0135EPSS
Exploits1References3
NVD
NVDadded 2021/07/06 10:15 p.m.17 views

CVE-2021-22228

An issue has been discovered in GitLab affecting all versions before 13.11.6, all versions starting from 13.12 before 13.12.6, and all versions starting from 14.0 before 14.0.2. Improper access control allows unauthorised users to access project details using Graphql...

6.5CVSS0.0135EPSS
Exploits1References3
UbuntuCve
UbuntuCveadded 2021/07/06 10:15 p.m.31 views

CVE-2021-22228

An issue has been discovered in GitLab affecting all versions before 13.11.6, all versions starting from 13.12 before 13.12.6, and all versions starting from 14.0 before 14.0.2. Improper access control allows unauthorised users to access project details using Graphql...

6.5CVSS6.5AI score0.0135EPSS
Exploits1References4
Prion
Prionadded 2021/07/06 10:15 p.m.19 views

Improper access control

An issue has been discovered in GitLab affecting all versions before 13.11.6, all versions starting from 13.12 before 13.12.6, and all versions starting from 14.0 before 14.0.2. Improper access control allows unauthorised users to access project details using Graphql...

4CVSS6.3AI score0.0135EPSS
Exploits1References3Affected Software1
OSV
OSVadded 2021/07/06 10:15 p.m.1 views

UBUNTU-CVE-2021-22228

An issue has been discovered in GitLab affecting all versions before 13.11.6, all versions starting from 13.12 before 13.12.6, and all versions starting from 14.0 before 14.0.2. Improper access control allows unauthorised users to access project details using Graphql...

6.5CVSS5.7AI score0.0135EPSS
Exploits1References5
CVE
CVEadded 2021/07/06 9:34 p.m.90 views

CVE-2021-22228

Summary of CVE-2021-22228 : GitLab versions affected are all before 13.11.6, all 13.12 before 13.12.6, and all 14.0 before 14.0.2. The issue is an improper access control that allows unauthorised users to access project details via GraphQL. The connected documents confirm the vulnerability’s exis...

6.5CVSS6.2AI score0.0135EPSS
Exploits1References3Affected Software1
Cvelist
Cvelistadded 2021/07/06 9:34 p.m.40 views

CVE-2021-22228

An issue has been discovered in GitLab affecting all versions before 13.11.6, all versions starting from 13.12 before 13.12.6, and all versions starting from 14.0 before 14.0.2. Improper access control allows unauthorised users to access project details using Graphql...

6.5CVSS6.5AI score0.0135EPSS
Exploits1References3
Debian CVE
Debian CVEadded 2021/07/06 9:34 p.m.20 views

CVE-2021-22228

Removed by vendor...

6.5CVSS6.6AI score0.0135EPSS
Exploits1
CNNVD
CNNVDadded 2021/07/06 12:0 a.m.17 views

GitLab 安全漏洞

GitLab is an open source application developed using Ruby on Rails that implements a self-hosted Git project repository that can be accessed through a web interface for public and private projects. An access control error vulnerability exists in GitLab. An attacker can exploit this vulnerability ...

6.5CVSS5.7AI score0.0135EPSS
Exploits1References5
Rows per page
Query Builder