37 matches found
CVE-2023-31485
GitLab::API::v4 through 0.26 does not verify TLS certificates when connecting to a GitLab server, enabling machine-in-the-middle attacks...
CVE-2021-22224
A cross-site request forgery vulnerability in the GraphQL API in GitLab since version 13.12 and before versions 13.12.6 and 14.0.2 allowed an attacker to call mutations as the victim...
CVE-2025-10282
BBOT's gitlab module could be abused to disclose a GitLab API key to an attacker controlled server with a malicious formatted git URL...
BBOT 安全漏洞
BBOT is a recursive Internet scanner open-sourced by Black Lantern Security. BBOT suffers from a security vulnerability that stems from a maliciously formatted git URL that could lead to the disclosure of GitLab API keys to an attacker-controlled server...
EUVD-2014-8377
Malware in sbrugna...
EUVD-2020-5611
Malware in sbrugna...
EUVD-2019-6551
Malware in sbrugna...
EUVD-2020-5584
Malware in sbrugna...
EUVD-2021-26271
Malware in sbrugna...
EUVD-2021-26244
Malware in sbrugna...
EUVD-2023-12309
Malicious code in bioql PyPI...
EUVD-2022-42715
Malicious code in bioql PyPI...
EUVD-2023-35790
Malicious code in bioql PyPI...
EUVD-2022-34507
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-3325
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper access control in the GitLab CE/EE API affecting all versions starting from 12.8 before 15.2.5, all versions starting from 15.3 before 15.3.4, all...
Linux Distros Unpatched Vulnerability : CVE-2021-39905
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An information disclosure vulnerability in the GitLab CE/EE API since version 8.9.6 allows a user to see basic information on private groups that a public proje...
Linux Distros Unpatched Vulnerability : CVE-2021-39945
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper access control in the GitLab CE/EE API affecting all versions starting from 9.4 before 14.3.6, all versions starting from 14.4 before 14.4.4, all...
Linux Distros Unpatched Vulnerability : CVE-2023-4647
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab affecting all versions starting from 15.2 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions...
CVE-2022-3018
An information disclosure vulnerability in GitLab CE/EE affecting all versions starting from 9.3 before 15.2.5, all versions starting from 15.3 before 15.3.4, all versions starting from 15.4 before 15.4.1 allows a project maintainer to access the DataDog integration API key from webhook logs...
CVE-2020-13351
Insufficient permission checks in scheduled pipeline API in GitLab CE/EE 13.0+ allows an attacker to read variable names and values for scheduled pipelines on projects visible to the attacker. Affected versions are =13.0, =13.4.0, =13.5.0, 13.5.2...