CLEANSTART-2026-AX77726 vulnerability was found in PAM
Multiple security vulnerabilities affect the gitlab-shell-fips package. A vulnerability was found in PAM. See references for individual vulnerability details...
CVE-2021-22254
Under very specific conditions a user could be impersonated using Gitlab shell. This vulnerability affects GitLab CE/EE 13.1 and later through 14.1.2, 14.0.7 and 13.12.9...
EUVD-2021-9323
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2021-22177
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Potential DoS was identified in gitlab-shell in GitLab CE/EE version 12.6.0 or above, which allows an attacker to spike the server resource utilization via...
CVE-2021-22177
Potential DoS was identified in gitlab-shell in GitLab CE/EE version 12.6.0 or above, which allows an attacker to spike the server resource utilization via gitlab-shell command...
GHSA-V6V8-XJ6M-XWQH vulnerabilities
Vulnerabilities for packages: kargo, buildkitd, rabbitmq-messaging-topology-operator, flux, step-ca, external-dns, flux-image-automation-controller, flux-kustomize-controller, zarf, rook, ksops, flux-source-controller, terraform, snyk-cli, sigstore-scaffolding, opentelemetry-collector-contrib,...
CVE-2024-6104 vulnerabilities
Vulnerabilities for packages: kargo, buildkitd, rabbitmq-messaging-topology-operator, flux, step-ca, external-dns, flux-image-automation-controller, flux-kustomize-controller, zarf, rook, ksops, flux-source-controller, terraform, snyk-cli, sigstore-scaffolding, opentelemetry-collector-contrib,...
BIT-GITLAB-2021-22177
Potential DoS was identified in gitlab-shell in GitLab CE/EE version 12.6.0 or above, which allows an attacker to spike the server resource utilization via gitlab-shell command...
CVE-2023-39325 vulnerabilities
Vulnerabilities for packages: prometheus-pushgateway-fips, k8sgpt-operator, aws-load-balancer-controller, buildkitd, prometheus-bind-exporter, coredns, prometheus-postgres-exporter, falcoctl-fips, thanos-operator, vault-csi-provider, external-secrets-operator, nfs-subdir-external-provisioner-fips...
GHSA-QPPJ-FM5R-HXR3 vulnerabilities
Vulnerabilities for packages: ko, flux-kustomize-controller, ollama, metacontroller, dynamic-localpv-provisioner, kots, prometheus-adapter, slsa-verifier, hey, nodetaint, fuse-overlayfs-snapshotter, node-problem-detector, nghttp2, secrets-store-csi-driver, nats, envoy-ratelimit, weaviate,...
UBUNTU-CVE-2021-22254
Under very specific conditions a user could be impersonated using Gitlab shell. This vulnerability affects GitLab CE/EE 13.1 and later through 14.1.2, 14.0.7 and 13.12.9...
GitLab Security Vulnerability
GitLab is a self-hosted, Git version control system project repository application developed in Ruby on Rails by GitLab, Inc. The application can be used to access a project's file content, commit history, bug list, etc. A security vulnerability exists in Gitlab, which stems from the product's la...
CVE-2021-22177
Potential DoS was identified in gitlab-shell in GitLab CE/EE version 12.6.0 or above, which allows an attacker to spike the server resource utilization via gitlab-shell command...
CVE-2021-22177
Potential DoS was identified in gitlab-shell in GitLab CE/EE version 12.6.0 or above, which allows an attacker to spike the server resource utilization via gitlab-shell command...
UBUNTU-CVE-2021-22177
Potential DoS was identified in gitlab-shell in GitLab CE/EE version 12.6.0 or above, which allows an attacker to spike the server resource utilization via gitlab-shell command...
CVE-2021-22177
Summary of CVE-2021-22177 (GitLab/gitlab-shell DoS) Affected software: GitLab Community Edition and Enterprise Edition (GitLab CE/EE) with gitlab-shell, version 12.6.0 or newer. Root cause and vulnerability: A potential DoS vulnerability in gitlab-shell allows an attacker to spike server resource...
CVE-2021-22177
Removed by vendor...
GitLab Resource Management Error Vulnerability
GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. GitLab has a security vulnerability in versions after...
PT-2021-14889 · Gitlab · Gitlab Ce/Ee +2
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 12.6.0 and above Description: A potential Denial of Service DoS issue was identified in gitlab-shell, allowing an attacker to increase server resource utilization via the gitlab-shell command. Recommendations: For GitLab...
GitLab: Stored-XSS on wiki pages
Hello, A Stored-XSS is existing on Wiki pages. It is caused by recent change in show.html.hamlL10 ruby ... "".htmlsafe ... authorurl is defined by committed email in wikipageversion.rb: ruby delegate :message, :sha, :id, :authorname, :authoremail, :authoreddate, to: :commit def authorurl user =...