6 matches found
GitLab 11.0 < 18.3.5 / 18.4 < 18.4.3 / 18.5 < 18.5.1 (CVE-2025-11447)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Gitlab reports: Improper access control issue in runner API impacts GitLab EE Denial of service issue in event collection impacts GitLab CE/EE Denial of service issue in JSON validation impacts GitLab...
GitLab 11.7 < 18.3.5 / 18.4 < 18.4.3 / 18.5 < 18.5.1 (CVE-2025-11974)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Gitlab reports: Improper access control issue in runner API impacts GitLab EE Denial of service issue in event collection impacts GitLab CE/EE Denial of service issue in JSON validation impacts GitLab...
PT-2025-43138
Name of the Vulnerable Software and Affected Versions GitLab EE versions prior to 18.3.5 GitLab EE versions 18.4 before 18.4.3 GitLab EE versions 18.5 before 18.5.1 Description An authenticated attacker could trigger unauthorized pipeline executions by manipulating commits. The issue relates to...
Jenkins Plugin GitLab Branch Source Security Vulnerability
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...
Jenkins plugins Multiple Vulnerabilities (2022-10-19)
According to their self-reported version numbers, the version of Jenkins plugins running on the remote web server are affected by multiple vulnerabilities: - A sandbox bypass vulnerability involving various casts performed implicitly by the Groovy language runtime in Jenkins Script Security Plugi...
Jenkins Pipeline: Stage View Plugin allows CSRF protection bypass of any target URL in Jenkins
Jenkins Pipeline: Stage View Plugin provides a visualization of Pipeline builds. It also allows users to interact with input steps from Pipeline: Input Step Plugin. Pipeline: Stage View Plugin 2.26 and earlier does not correctly encode the ID of input steps when using it to generate URLs to proce...