12 matches found
CVE-2026-2845
An issue has been discovered in GitLab CE/EE affecting all versions from 11.2 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that could have allowed an authenticated user to cause denial of service by exploiting a Bitbucket Server import endpoint via repeatedly sending large responses...
CVE-2026-2845
Summary of CVE-2026-2845: affected GitLab CE/EE versions are 11.2 to before 18.7.5, 18.8 to before 18.8.5, and 18.9 to before 18.9.1. The issue allows an authenticated user to cause a denial of service by exploiting the Bitbucket Server import endpoint through repeatedly sending large responses. The vuln...
EUVD-2020-5590
Malware in sbrugna...
Linux Distros Unpatched Vulnerability: CVE-2021-39871
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In all versions of GitLab CE/EE since version 13.0, an instance that has the setting to disable Bitbucket Server import enabled is bypassed by an attacker makin...
UBUNTU-CVE-2021-39871
In all versions of GitLab CE/EE since version 13.0, an instance that has the setting to disable Bitbucket Server import enabled is bypassed by an attacker making a crafted API call...
PT-2021-22718 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 13.0 and later. Description: The issue allows an attacker to bypass the setting to disable Bitbucket Server import by making a crafted API call. This affects instances of GitLab CE/EE where this setting is enabled...
GitLab Security Feature Issue Vulnerability
GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to view a project's file contents, commit history, bug lists, and more. A security signature issue vulnerability exists in GitLab,...
GitLab Cross-Site Scripting Vulnerability (CNVD-2020-57835)
GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A security vulnerability exists in GitLab versions prior ...
PT-2020-13471 · Gitlab · Gitlab
Name of the Vulnerable Software and Affected Versions: GitLab versions prior to 12.10.13. Description: The issue is related to a stored XSS in the import Bitbucket project feature. Recommendations: For versions prior to 12.10.13, update to version 12.10.13 or later to resolve the issue...
FreeBSD : Gitlab -- Multiple Vulnerabilities (0a305431-bc98-11ea-a051-001b217b3468)
Gitlab reports: Missing Permission Check on Time Tracking; Cross-Site Scripting in PyPi Files API; Insecure Authorization Check on Private Project Security Dashboard; Cross-Site Scripting in References; Cross-Site Scripting in Group Names; Cross-Site Scripting in Blob Viewer; Cross-Site Scripting in...
Gitlab -- Multiple Vulnerabilities
Gitlab reports: Missing Permission Check on Time Tracking; Cross-Site Scripting in PyPi Files API; Insecure Authorization Check on Private Project Security Dashboard; Cross-Site Scripting in References; Cross-Site Scripting in Group Names; Cross-Site Scripting in Blob Viewer; Cross-Site Scripting in...