Lucene search
K

123 matches found

Wolfi
Wolfi
added 2025/02/12 4:15 p.m.21 views

CVE-2025-0516 vulnerabilities

Vulnerabilities for packages: gitlab-pages, gitlab-cng...

4.3CVSS5.8AI score0.00276EPSS
Exploits1
Chainguard
Chainguard
added 2025/02/12 3:15 p.m.12 views

CVE-2025-1212 vulnerabilities

Vulnerabilities for packages: gitlab-rails-ee-fips, gitlab-pages, gitlab-ee-fips, gitlab-pages-fips, gitlab-runner-fips, gitlab-cng, gitlab-rails-ee, gitlab-cng-fips, gitlab-ee...

7.5CVSS5.8AI score0.00354EPSS
Exploits0
Wolfi
Wolfi
added 2025/02/12 3:15 p.m.5 views

CVE-2025-1212 vulnerabilities

Vulnerabilities for packages: gitlab-pages, gitlab-cng...

7.5CVSS5.8AI score0.00354EPSS
Exploits0
Wolfi
Wolfi
added 2025/02/12 3:15 p.m.11 views

CVE-2025-1042 vulnerabilities

Vulnerabilities for packages: gitlab-pages, gitlab-cng...

7.5CVSS5.8AI score0.00406EPSS
Exploits0
Chainguard
Chainguard
added 2025/02/12 3:15 p.m.9 views

CVE-2025-1042 vulnerabilities

Vulnerabilities for packages: gitlab-rails-ee-fips, gitlab-pages, gitlab-ee-fips, gitlab-pages-fips, gitlab-runner-fips, gitlab-cng, gitlab-rails-ee, gitlab-cng-fips, gitlab-ee...

7.5CVSS5.8AI score0.00406EPSS
Exploits0
Wolfi
Wolfi
added 2025/02/12 3:15 p.m.24 views

CVE-2025-0376 vulnerabilities

Vulnerabilities for packages: gitlab-pages, gitlab-cng...

8.7CVSS5.8AI score0.00377EPSS
Exploits0
Chainguard
Chainguard
added 2025/02/12 3:15 p.m.20 views

CVE-2025-0376 vulnerabilities

Vulnerabilities for packages: gitlab-rails-ee-fips, gitlab-pages, gitlab-ee-fips, gitlab-pages-fips, gitlab-runner-fips, gitlab-cng, gitlab-rails-ee, gitlab-cng-fips, gitlab-ee...

8.7CVSS5.8AI score0.00377EPSS
Exploits0
Wolfi
Wolfi
added 2025/02/12 3:15 p.m.4 views

CVE-2024-12379 vulnerabilities

Vulnerabilities for packages: gitlab-pages, gitlab-cng...

6.5CVSS5.8AI score0.00473EPSS
Exploits1
Chainguard
Chainguard
added 2025/02/12 3:15 p.m.14 views

CVE-2024-12379 vulnerabilities

Vulnerabilities for packages: gitlab-rails-ee-fips, gitlab-pages, gitlab-ee-fips, gitlab-pages-fips, gitlab-runner-fips, gitlab-cng, gitlab-rails-ee, gitlab-cng-fips, gitlab-ee...

6.5CVSS5.8AI score0.00473EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/02/08 4:46 a.m.14 views

CVE-2024-5528

An issue was discovered in GitLab CE/EE affecting all versions prior to 16.11.6, starting from 17.0 prior to 17.0.4, and starting from 17.1 prior to 17.1.2, which allows a subdomain takeover in GitLab Pages...

5.4CVSS6.2AI score0.00392EPSS
Exploits1References1
OSV
OSV
added 2025/02/07 7:17 a.m.99 views

BIT-GITLAB-2024-5528 Incomplete Comparison with Missing Factors in GitLab

An issue was discovered in GitLab CE/EE affecting all versions prior to 16.11.6, starting from 17.0 prior to 17.0.4, and starting from 17.1 prior to 17.1.2, which allows a subdomain takeover in GitLab Pages...

5.4CVSS3.6AI score0.00392EPSS
Exploits1References4
OSV
OSV
added 2025/02/05 11:15 a.m.3 views

UBUNTU-CVE-2024-5528

An issue was discovered in GitLab CE/EE affecting all versions prior to 16.11.6, starting from 17.0 prior to 17.0.4, and starting from 17.1 prior to 17.1.2, which allows a subdomain takeover in GitLab Pages...

5.4CVSS5.8AI score0.00392EPSS
Exploits1References2
CVE
CVE
added 2025/02/05 10:31 a.m.189 views

CVE-2024-5528

CVE-2024-5528 affects GitLab CE/EE: subdomain takeover in GitLab Pages. Affected versions are: all prior to 16.11.6; 17.0 prior to 17.0.4; and 17.1 prior to 17.1.2. The issue is fixed by upgrading to 16.11.6 or newer, 17.0.4 or newer, and 17.1.2 or newer, respectively (GitLab patch releases exist...

5.4CVSS6.4AI score0.00392EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologies
added 2024/07/10 12:0 a.m.6 views

PT-2024-36503 · Gitlab · Gitlab Ce/Ee

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions prior to 16.11.6 GitLab CE/EE versions 17.0 through 17.0.3 GitLab CE/EE versions 17.1 through 17.1.1 Description: An issue was discovered in GitLab CE/EE which allows a subdomain takeover in GitLab Pages. Recommendations...

5.4CVSS6.5AI score0.00392EPSS
Exploits1References15
Hacker One
Hacker One
added 2024/05/28 9:30 p.m.16 views

RATELIMITED: Subdomain takeover in GitLab Pages [george.ratelimited.me]

A subdomain takeover vulnerability was discovered in GitLab Pages. Subdomains could be taken over without verification of domain ownership. The vulnerability allowed an attacker to gain control of the subdomain...

7AI score
Exploits0
Hacker One
Hacker One
added 2024/05/28 9:0 p.m.10 views

GitLab: Subdomain takeover in Gitlab pages

The vulnerability allowed an attacker to take over a dangling custom domain pointing to GitLab Pages using "instanceX.gitlab.io". The problem arose when adding a custom domain to GitLab Pages without verifying the domain, as it would still serve content for 7 days before being disabled...

6.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/05/17 12:0 a.m.23 views

GitLab 11.5.0 < 13.5.6 / 13.6.0 < 13.6.4 / 13.7.0 < 13.7.2 (CVE-2021-22171)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Insufficient validation of authentication parameters in GitLab Pages for GitLab 11.5+ allows an attacker to steal a victim's API token if they click on a maliciously crafted link CVE-2021-22171 Note...

7.3CVSS6.8AI score0.01332EPSS
Exploits0References4
OSV
OSV
added 2024/03/06 11:20 a.m.21 views

BIT-GITLAB-2021-22171

Insufficient validation of authentication parameters in GitLab Pages for GitLab 11.5+ allows an attacker to steal a victim's API token if they click on a maliciously crafted link...

7.3CVSS6.4AI score0.01332EPSS
Exploits0References4
OSV
OSV
added 2024/03/06 11:16 a.m.17 views

BIT-GITLAB-2022-1148

Improper authorization in GitLab Pages included with GitLab CE/EE affecting all versions from 11.5 prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 allowed an attacker to steal a user's access token on an attacker-controlled private GitLab Pages website and reuse that token on the...

6.5CVSS6.2AI score0.01129EPSS
Exploits0References4
Wolfi
Wolfi
added 2024/03/06 12:31 a.m.422 views

GHSA-8R3F-844C-MC37 vulnerabilities

Vulnerabilities for packages: crossplane-provider-aws-ec2, nerdctl, weaviate, src, aws-load-balancer-controller, nri-kubernetes, rook, aws-flb-kinesis, runc, trust-manager, kubescape, kubernetes-dashboard-metrics-scraper, scorecard, crossplane, nri-discovery-kubernetes,...

5.9AI score
Exploits0
Rows per page
Query Builder