13 matches found

Tenable Nessus
added 2025/08/30 12:0 a.m. · 4 views

Linux Distros Unpatched Vulnerability : CVE-2021-39941

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An information disclosure vulnerability in GitLab CE/EE versions 12.0 to 14.3.6, 14.4 to 14.4.4, and 14.5 to 14.5.2 allowed non-project members to see the defau...

5.3 CVSS · 5.7 AI score · 0.01182 EPSS
Exploits: 0 · References: 2

RedhatCVE
added 2025/05/22 8:14 p.m. · 5 views

CVE-2021-39941

An information disclosure vulnerability in GitLab CE/EE versions 12.0 to 14.3.6, 14.4 to 14.4.4, and 14.5 to 14.5.2 allowed non-project members to see the default branch name for projects that restrict access to the repository to project members...

5.3 CVSS · 6.1 AI score · 0.01182 EPSS
Exploits: 0 · References: 1

RedhatCVE
added 2025/02/06 4:13 a.m. · 6 views

CVE-2021-22241

An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.0. It was possible to exploit a stored cross-site-scripting via a specifically crafted default branch name...

8.7 CVSS · 6 AI score · 0.00991 EPSS
Exploits: 0 · References: 1

SUSE CVE
added 2023/02/15 4:8 a.m. · 2 views

SUSE CVE-2019-15733

An issue was discovered in GitLab Community and Enterprise Edition 7.12 through 12.2.1. The specified default branch name could be exposed to unauthorized users...

4.3 CVSS · 4.7 AI score · 0.01043 EPSS
Exploits: 0 · References: 3

NVD
added 2021/12/13 4:15 p.m. · 16 views

CVE-2021-39941

An information disclosure vulnerability in GitLab CE/EE versions 12.0 to 14.3.6, 14.4 to 14.4.4, and 14.5 to 14.5.2 allowed non-project members to see the default branch name for projects that restrict access to the repository to project members...

5.3 CVSS · 0.01182 EPSS
Exploits: 0 · References: 3

Cvelist
added 2021/12/13 3:48 p.m. · 16 views

CVE-2021-39941

An information disclosure vulnerability in GitLab CE/EE versions 12.0 to 14.3.6, 14.4 to 14.4.4, and 14.5 to 14.5.2 allowed non-project members to see the default branch name for projects that restrict access to the repository to project members...

3.7 CVSS · 5.4 AI score · 0.01182 EPSS
Exploits: 0 · References: 3

Positive Technologies
added 2021/12/13 12:0 a.m. · 5 views

PT-2021-22781 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 12.0 to 14.3.6; GitLab CE/EE versions 14.4 to 14.4.4; GitLab CE/EE versions 14.5 to 14.5.2. Description: An information disclosure issue allowed non-project members to see the default branch name for projects that restrict...

5.3 CVSS · 5 AI score · 0.01182 EPSS
Exploits: 0 · References: 11

OSV
added 2021/08/05 8:15 p.m. · 3 views

UBUNTU-CVE-2021-22241

An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.0. It was possible to exploit a stored cross-site-scripting via a specifically crafted default branch name...

8.7 CVSS · 5.7 AI score · 0.00991 EPSS
Exploits: 0 · References: 2

CNNVD
added 2021/08/05 12:0 a.m. · 6 views

GitLab Cross-Site Scripting Vulnerability

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A cross-site scripting vulnerability exists in GitLab CE ...

8.7 CVSS · 6.1 AI score · 0.00991 EPSS
Exploits: 0 · References: 4

Hacker One
added 2021/07/10 9:40 a.m. · 19 views

GitLab: Stored XSS in main page of a project caused by arbitrary script payload in group "Default initial branch name"

Summary: A stored XSS exists in the main page of a project. By changing the "default branch name" of a group a malicious user can inject arbitrary JavaScript into the main page of a project. Any user that is either at least developer of the project, or an administrator of the GitLab instance, and...

0.5 AI score
Exploits: 0

Positive Technologies
added 2021/07/10 12:0 a.m. · 4 views

PT-2021-6694 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 14.0 and later. Description: The issue is related to a stored cross-site-scripting vulnerability in GitLab CE/EE, which can be exploited via a specifically crafted default branch name. This allows a remote attacker to...

8.7 CVSS · 5.7 AI score · 0.00991 EPSS
Exploits: 0 · References: 14

OSV
added 2019/09/16 5:15 p.m. · 2 views

UBUNTU-CVE-2019-15733

An issue was discovered in GitLab Community and Enterprise Edition 7.12 through 12.2.1. The specified default branch name could be exposed to unauthorized users...

4.3 CVSS · 5.8 AI score · 0.01043 EPSS
Exploits: 0 · References: 3

Cvelist
added 2018/02/02 2:0 p.m. · 23 views

CVE-2017-18038

The repository settings resource in Atlassian Bitbucket Server before version 5.6.0 allows remote attackers to read the first line of arbitrary files via a path traversal vulnerability through the default branch name...

5.4 AI score · 0.01474 EPSS
Exploits: 0 · References: 1