CLEANSTART-2026-AX77726 vulnerability was found in PAM

Multiple security vulnerabilities affect the gitlab-shell-fips package. A vulnerability was found in PAM. See references for individual vulnerability details...

CVE-2021-22254

Under very specific conditions a user could be impersonated using Gitlab shell. This vulnerability affects GitLab CE/EE 13.1 and later through 14.1.2, 14.0.7 and 13.12.9...

EUVD-2021-9323

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2021-22177

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Potential DoS was identified in gitlab-shell in GitLab CE/EE version 12.6.0 or above, which allows an attacker to spike the server resource utilization via...

CVE-2021-22177

Potential DoS was identified in gitlab-shell in GitLab CE/EE version 12.6.0 or above, which allows an attacker to spike the server resource utilization via gitlab-shell command...

GHSA-V6V8-XJ6M-XWQH vulnerabilities

Vulnerabilities for packages: zot, goreleaser, skopeo, sops, k3d, timestamp-authority, crossplane-provider-azure-authorization, gh, nuclei, flux, zarf, grafana-mimir, opentelemetry-collector, rabbitmq-messaging-topology-operator, kubescape, gomplate, opentelemetry-collector-contrib, cosign, pulum...

CVE-2024-6104 vulnerabilities

Vulnerabilities for packages: zot, goreleaser, skopeo, sops, k3d, timestamp-authority, crossplane-provider-azure-authorization, gh, nuclei, flux, zarf, grafana-mimir, opentelemetry-collector, rabbitmq-messaging-topology-operator, kubescape, gomplate, opentelemetry-collector-contrib, cosign, pulum...

BIT-GITLAB-2021-22177

Potential DoS was identified in gitlab-shell in GitLab CE/EE version 12.6.0 or above, which allows an attacker to spike the server resource utilization via gitlab-shell command...

CVE-2023-39325 vulnerabilities

Vulnerabilities for packages: metacontroller, atlantis, kots, dgraph, prometheus-statsd-exporter, rqlite, kaf, kube-state-metrics, prometheus-alertmanager, k8sgpt-operator, memcached-exporter, cosign, prometheus-elasticsearch-exporter, gobuster, kube-logging-logging-operator,...

GHSA-QPPJ-FM5R-HXR3 vulnerabilities

Vulnerabilities for packages: gke-gcloud-auth-plugin, memcached-exporter, git-lfs, nghttp2, terraform-provider-aws, k3d, gomplate, cortex, haproxy-ingress, atlantis, kpt, helm, grype, pulumi-language-dotnet, oauth2-proxy, hugo, kots, bom, skaffold, envoy-ratelimit, ollama, kaf, terraform, pulumi,...

UBUNTU-CVE-2021-22254

Under very specific conditions a user could be impersonated using Gitlab shell. This vulnerability affects GitLab CE/EE 13.1 and later through 14.1.2, 14.0.7 and 13.12.9...

GitLab 安全漏洞

GitLab is a self-hosted, Git version control system project repository application developed in Ruby on Rails by GitLab, Inc. The application can be used to access a project's file content, commit history, bug list, etc. A security vulnerability exists in Gitlab, which stems from the product's la...

CVE-2021-22177

Potential DoS was identified in gitlab-shell in GitLab CE/EE version 12.6.0 or above, which allows an attacker to spike the server resource utilization via gitlab-shell command...

CVE-2021-22177

Potential DoS was identified in gitlab-shell in GitLab CE/EE version 12.6.0 or above, which allows an attacker to spike the server resource utilization via gitlab-shell command...

UBUNTU-CVE-2021-22177

Potential DoS was identified in gitlab-shell in GitLab CE/EE version 12.6.0 or above, which allows an attacker to spike the server resource utilization via gitlab-shell command...

CVE-2021-22177

Summary of CVE-2021-22177 (GitLab/gitlab-shell DoS) Affected software: GitLab Community Edition and Enterprise Edition (GitLab CE/EE) with gitlab-shell, version 12.6.0 or newer. Root cause and vulnerability: A potential DoS vulnerability in gitlab-shell allows an attacker to spike server resource...

CVE-2021-22177

Removed by vendor...

GitLab 资源管理错误漏洞

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. GitLab has a security vulnerability in versions after...

PT-2021-14889 · Gitlab · Gitlab Ce/Ee +2

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 12.6.0 and above Description: A potential Denial of Service DoS issue was identified in gitlab-shell, allowing an attacker to increase server resource utilization via the gitlab-shell command. Recommendations: For GitLab...

GitLab: Stored-XSS on wiki pages

Hello, A Stored-XSS is existing on Wiki pages. It is caused by recent change in show.html.hamlL10 ruby ... "".htmlsafe ... authorurl is defined by committed email in wikipageversion.rb: ruby delegate :message, :sha, :id, :authorname, :authoremail, :authoreddate, to: :commit def authorurl user =...