Lucene search
+L

85 matches found

FreeBSD
FreeBSD
added 2026/02/25 12:0 a.m.12 views

Gitlab -- vulnerabilities

Gitlab reports: Cross-site Scripting issue in Mermaid sandbox impacts GitLab CE/EE Denial of Service issue in container registry impacts GitLab CE/EE Denial of Service issue in Jira events endpoint impacts GitLab CE/EE Regular Expression Denial of Service issue in GitLab merge requests impacts...

8CVSS5.4AI score0.00357EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2020-5558

Malware in sbrugna...

7.2CVSS6.2AI score0.01242EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-34545

Malicious code in bioql PyPI...

5.3CVSS5.4AI score0.0081EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2022-2270

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab affecting all versions starting from 12.4 before 14.10.5, all versions starting from 15.0 before 15.0.4, all versions...

5.3CVSS5.5AI score0.0081EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2020-13298

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. Conan package upload functionality was not properly validating the supplied...

7.2CVSS5.9AI score0.01242EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 11:50 p.m.10 views

CVE-2022-2270

An issue has been discovered in GitLab affecting all versions starting from 12.4 before 14.10.5, all versions starting from 15.0 before 15.0.4, all versions starting from 15.1 before 15.1.1. GitLab was leaking Conan packages names due to incorrect permissions verification...

5.3CVSS6.4AI score0.0081EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 1:48 p.m.6 views

CVE-2020-13298

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. Conan package upload functionality was not properly validating the supplied parameters, which resulted in the limited files disclosure...

7.2CVSS6.4AI score0.01242EPSS
Exploits0References5
vulnersOsv
vulnersOsv
added 2024/11/01 6:29 a.m.6 views

barbarian (>=0.1.0 <=0.3.0), bincrafters-remove-outdated (=0.5.0) +47 more potentially affected by unknown CVE via conan (>=2.0.0b10 <=2.8.1)

conan PYPI version =2.0.0b10, =0.1.0, =1.0.5, =0.1.0, =0.1.0, =0.1.0, =2.2.0, =0.36.0, =0.1.0, =0.1.0, =0.0.1, =0.1.0a1, =0.1.0, =2.3.0 and more Source cves: unknown CVE Source advisory: SNYK:PYTHON-CONAN-8400482...

5.7AI score
Exploits0
Snyk
Snyk
added 2024/11/01 6:29 a.m.2 views

Improper Authorization

Overview conan is a Conan C/C++ package manager Affected versions of this package are vulnerable to Improper Authorization in the server's authorization mechanism, by the checkreadconan, checkwriteconan, and checkdeleteconan methods in the authorize function, as well as via authentication checks ...

5.4CVSS6.9AI score
Exploits0References3
FreeBSD
FreeBSD
added 2024/09/03 12:0 a.m.13 views

gitea -- multiple issues

Problem Description: Replace v-html with v-text in search inputbox Fix nuget/conan/container packages upload bugs...

7.4AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/08/31 12:0 a.m.15 views

FreeBSD : forgejo -- The scope of application tokens was not verified when writing containers or Conan packages. (eb437e17-66a1-11ef-ac08-75165d18d8d2)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the eb437e17-66a1-11ef-ac08-75165d18d8d2 advisory. The forgejo team reports: The scope of application tokens was not verified when writing containers or...

5.7AI score
Exploits0References2
FreeBSD
FreeBSD
added 2024/08/26 12:0 a.m.9 views

forgejo -- The scope of application tokens was not verified when writing containers or Conan packages.

The forgejo team reports: The scope of application tokens was not verified when writing containers or Conan packages. This is of no consequence when the user associated with the application token does not have write access to packages. If the user has write access to packages, such a token can be...

7.2AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/05/17 12:0 a.m.21 views

GitLab 13.1 < 13.1.10 / 13.2 < 13.2.8 / 13.3 < 13.3.4 (CVE-2020-13298)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. Conan package upload functionality was not properly validating the supplied parameters, which resulted in the limit...

7.2CVSS6AI score0.01242EPSS
Exploits0References4
OSV
OSV
added 2024/03/06 11:22 a.m.26 views

BIT-GITLAB-2020-13298

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. Conan package upload functionality was not properly validating the supplied parameters, which resulted in the limited files disclosure...

7.2CVSS5.9AI score0.01242EPSS
Exploits0References4
OSV
OSV
added 2024/03/06 11:15 a.m.22 views

BIT-GITLAB-2022-2270

An issue has been discovered in GitLab affecting all versions starting from 12.4 before 14.10.5, all versions starting from 15.0 before 15.0.4, all versions starting from 15.1 before 15.1.1. GitLab was leaking Conan packages names due to incorrect permissions verification...

5.3CVSS5.1AI score0.0081EPSS
Exploits0References4
Veracode
Veracode
added 2023/08/06 11:9 p.m.24 views

Information Disclosure

gitlab is vulnerable to Information Disclosure. An attacker could exploit this vulnerability by sending a specially crafted request to the GitLab server. This request would allow the attacker to leak the names of all Conan packages on the server, even if they do not have permission to access the...

5.3CVSS6.3AI score0.0081EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/07/01 5:15 p.m.3 views

CVE-2022-2270

An issue has been discovered in GitLab affecting all versions starting from 12.4 before 14.10.5, all versions starting from 15.0 before 15.0.4, all versions starting from 15.1 before 15.1.1. GitLab was leaking Conan packages names due to incorrect permissions verification...

5.3CVSS6AI score0.0081EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2022/07/01 5:15 p.m.18 views

CVE-2022-2270

An issue has been discovered in GitLab affecting all versions starting from 12.4 before 14.10.5, all versions starting from 15.0 before 15.0.4, all versions starting from 15.1 before 15.1.1. GitLab was leaking Conan packages names due to incorrect permissions verification...

5.3CVSS0.0081EPSS
Exploits0References3
OSV
OSV
added 2022/07/01 5:15 p.m.6 views

UBUNTU-CVE-2022-2270

An issue has been discovered in GitLab affecting all versions starting from 12.4 before 14.10.5, all versions starting from 15.0 before 15.0.4, all versions starting from 15.1 before 15.1.1. GitLab was leaking Conan packages names due to incorrect permissions verification...

5.3CVSS6AI score0.0081EPSS
Exploits0References5
Prion
Prion
added 2022/07/01 5:15 p.m.19 views

Design/Logic Flaw

An issue has been discovered in GitLab affecting all versions starting from 12.4 before 14.10.5, all versions starting from 15.0 before 15.0.4, all versions starting from 15.1 before 15.1.1. GitLab was leaking Conan packages names due to incorrect permissions verification...

5CVSS5.2AI score0.0081EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder