21284 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-3073
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.6 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have...
GHSA-CRHJ-59GH-8X96 vulnerabilities
Vulnerabilities for packages: bom, trufflehog-fips, zarf-fips, kubevela-fips, dagger, osv-scanner, gitlab-rails-ce-fips, rancher-fleet-fips, grafana-alloy, crossplane, mapotf-fips, chainloop-cli, skaffold-fips, gitaly-fips, chainloop-cli-fips, xeol-fips, argo-workflows-fips, rancher-fleet,...
GHSA-M7CR-M3PV-HGRP vulnerabilities
Vulnerabilities for packages: bom, trufflehog-fips, zarf-fips, kubevela-fips, dagger, osv-scanner, gitlab-rails-ce-fips, rancher-fleet-fips, grafana-alloy, crossplane, mapotf-fips, chainloop-cli, skaffold-fips, gitaly-fips, chainloop-cli-fips, xeol-fips, argo-workflows-fips, rancher-fleet,...
CVE-2026-45571 vulnerabilities
Vulnerabilities for packages: bom, trufflehog-fips, zarf-fips, kubevela-fips, dagger, osv-scanner, gitlab-rails-ce-fips, rancher-fleet-fips, grafana-alloy, crossplane, mapotf-fips, chainloop-cli, skaffold-fips, gitaly-fips, chainloop-cli-fips, xeol-fips, argo-workflows-fips, rancher-fleet,...
CVE-2026-45570 vulnerabilities
Vulnerabilities for packages: bom, trufflehog-fips, zarf-fips, kubevela-fips, dagger, osv-scanner, gitlab-rails-ce-fips, rancher-fleet-fips, grafana-alloy, crossplane, mapotf-fips, chainloop-cli, skaffold-fips, gitaly-fips, chainloop-cli-fips, xeol-fips, argo-workflows-fips, rancher-fleet,...
GHSA-C73G-R4CP-2XMG vulnerabilities
Vulnerabilities for packages: gitlab-pages...
CVE-2026-8144 vulnerabilities
Vulnerabilities for packages: gitlab-pages...
GHSA-FQVQ-P2GC-C297 vulnerabilities
Vulnerabilities for packages: gitlab-pages...
CVE-2026-8280 vulnerabilities
Vulnerabilities for packages: gitlab-pages...
CVE-2026-8144 vulnerabilities
Vulnerabilities for packages: gitlab-pages, gitlab-rails-ce...
CVE-2026-8280 vulnerabilities
Vulnerabilities for packages: gitlab-pages, gitlab-rails-ce...
GHSA-C73G-R4CP-2XMG vulnerabilities
Vulnerabilities for packages: gitlab-pages, gitlab-rails-ce...
GHSA-FQVQ-P2GC-C297 vulnerabilities
Vulnerabilities for packages: gitlab-pages, gitlab-rails-ce...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization via the API-level authorization process. An attacker can create issues or attach comments to a locked group by sending direct API requests as a member of multiple groups. Remediation Upgrade...
CVE-2026-3117
Mattermost Plugins versions =11.5 11.1.5 10.13.11 11.3.4.0 fail to properly check for permissions when processing commands in the Gitlab plugin which allows normal users to uninstall instances or setup webhook connections via the gitlab instance option or the /gitlab webhook option commands...
CVE-2026-3117
Mattermost Plugins versions =11.5 11.1.5 10.13.11 11.3.4.0 fail to properly check for permissions when processing commands in the Gitlab plugin which allows normal users to uninstall instances or setup webhook connections via the gitlab instance option or the /gitlab webhook option commands...
CVE-2026-3117
Mattermost plugins contain a permission-check flaw in the GitLab plugin command processing. Versions affected: Mattermost Plugins
EUVD-2026-30748
Mattermost Plugins versions =11.5 11.1.5 10.13.11 11.3.4.0 fail to properly check for permissions when processing commands in the Gitlab plugin which allows normal users to uninstall instances or setup webhook connections via the gitlab instance option or the /gitlab webhook option commands...
CVE-2026-3117 Instance and webhook GitLab plugin commands were able to be run by non-admin users
Mattermost Plugins versions =11.5 11.1.5 10.13.11 11.3.4.0 fail to properly check for permissions when processing commands in the Gitlab plugin which allows normal users to uninstall instances or setup webhook connections via the gitlab instance option or the /gitlab webhook option commands...
CVE-2026-3117 Instance and webhook GitLab plugin commands were able to be run by non-admin users
Mattermost Plugins versions =11.5 11.1.5 10.13.11 11.3.4.0 fail to properly check for permissions when processing commands in the Gitlab plugin which allows normal users to uninstall instances or setup webhook connections via the gitlab instance option or the /gitlab webhook option commands...