CVE-2026-57286
CVE-2026-57286 describes a missing permission check in the Jenkins Git Parameter Plugin (462.vdcf3df2ed2ca_ and earlier). This allows users with Item/Read permission to obtain information about the SCM repository used by a job (e.g., branch names, tag names, and revision metadata). The impact is ...
Denial Of Service (DoS)
GitLab is vulnerable to Denial of Service (DoS) attacks. This vulnerability occurs due to a flaw in the way that GitLab handles the API endpoints for querying repository branches. An attacker can exploit this vulnerability to retrieve a large number of branches, which can lead to a denial-of-servic...
CVE-2021-22210
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.2. When querying the repository branches through API, GitLab was ignoring a query parameter and returning a considerable amount of results...
CVE-2021-22210
Removed by vendor...
Gitlab -- Vulnerabilities
Gitlab reports: Read API scoped tokens can execute mutations; Pull mirror credentials were exposed; Denial of Service when querying repository branches API; Non-owners can set system_note_timestamp when creating / updating issues; DeployToken will impersonate a User with the same ID when using Dependen...
PT-2021-4080 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 13.2 and later. Description: The issue is related to the GitLab platform ignoring a query parameter when working through the API, which can lead to a denial of service. When querying repository branches through the API,...