Lucene search
K

25 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-26251

Malware in sbrugna...

6CVSS5.3AI score0.00984EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2023-2022

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions starting before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting...

4.3CVSS5AI score0.0039EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 8:13 p.m.3 views

CVE-2021-39895

In all versions of GitLab CE/EE since version 8.0, an attacker can set the pipeline schedules to be active in a project export so when an unsuspecting owner imports that project, pipelines are active by default on that project. Under specialized conditions, this may lead to information disclosure...

6CVSS6AI score0.00984EPSS
Exploits0References1
OSV
OSV
added 2024/03/06 11:18 a.m.17 views

BIT-GITLAB-2021-39895

In all versions of GitLab CE/EE since version 8.0, an attacker can set the pipeline schedules to be active in a project export so when an unsuspecting owner imports that project, pipelines are active by default on that project. Under specialized conditions, this may lead to information disclosure...

6CVSS4.9AI score0.00984EPSS
Exploits0References4
OSV
OSV
added 2024/03/06 11:9 a.m.18 views

BIT-GITLAB-2023-2022 Missing Authorization in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions starting before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2, which leads to developers being able to create pipeline schedules on protected branches even if they don't have...

4.3CVSS4.4AI score0.0039EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/01/03 12:0 a.m.22 views

GitLab 8.0 < 14.1.7 / 14.2 < 14.2.5 / 14.3 < 14.3.1 (CVE-2021-39895)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - In all versions of GitLab CE/EE since version 8.0, an attacker can set the pipeline schedules to be active in a project export so when an unsuspecting owner imports that project, pipelines are active ...

6CVSS5.4AI score0.00984EPSS
Exploits0References4
Veracode
Veracode
added 2023/10/08 10:48 p.m.15 views

Improper Access Control

gitlab is vulnerable to Improper Access Control. The vulnerability allows developers to create pipeline schedules on protected branches, even without merge access...

4.3CVSS6.8AI score0.0039EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/08/08 12:0 a.m.24 views

GitLab 0 < 16.0.8 / 16.1.0 < 16.1.3 / 16.2.0 < 16.2.2 (CVE-2023-2022)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab CE/EE affecting all versions starting before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2, which leads to...

4.3CVSS5AI score0.0039EPSS
Exploits0References4
NVD
NVD
added 2023/08/02 9:15 a.m.13 views

CVE-2023-2022

An issue has been discovered in GitLab CE/EE affecting all versions starting before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2, which leads to developers being able to create pipeline schedules on protected branches even if they don't have...

4.3CVSS4.2AI score0.0039EPSS
Exploits0References2
Prion
Prion
added 2023/08/02 9:15 a.m.12 views

Code injection

An issue has been discovered in GitLab CE/EE affecting all versions starting before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2, which leads to developers being able to create pipeline schedules on protected branches even if they don't have...

4CVSS4.5AI score0.0039EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2023/08/02 9:15 a.m.2 views

UBUNTU-CVE-2023-2022

An issue has been discovered in GitLab CE/EE affecting all versions starting before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2, which leads to developers being able to create pipeline schedules on protected branches even if they don't have...

4.3CVSS5.7AI score0.0039EPSS
Exploits0References4
OSV
OSV
added 2023/08/02 8:30 a.m.12 views

CVE-2023-2022 Missing Authorization in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions starting before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2, which leads to developers being able to create pipeline schedules on protected branches even if they don't have...

4.3CVSS4.7AI score0.0039EPSS
Exploits0References5
CVE
CVE
added 2023/08/02 8:30 a.m.357 views

CVE-2023-2022

CVE-2023-2022 affects GitLab CE/EE: versions before 16.0.8, and 16.1 before 16.1.3, and 16.2 before 16.2.2 are vulnerable to a missing-authorization issue that allows developers to create pipeline schedules on protected branches without merging access. The root cause is not explicitly detailed in...

4.3CVSS4.5AI score0.0039EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2023/08/02 8:30 a.m.24 views

CVE-2023-2022

Removed by vendor...

4.3CVSS5.8AI score0.0039EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2023/08/02 12:0 a.m.23 views

CVE-2023-2022

An issue has been discovered in GitLab CE/EE affecting all versions starting before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2, which leads to developers being able to create pipeline schedules on protected branches even if they don't have...

4.3CVSS5.7AI score0.0039EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/08/02 12:0 a.m.2 views

PT-2023-17418 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions prior to 16.0.8 GitLab CE/EE versions 16.1 prior to 16.1.3 GitLab CE/EE versions 16.2 prior to 16.2.2 Description: An issue has been discovered in GitLab CE/EE, which allows developers to create pipeline schedules on...

4.3CVSS6.5AI score0.0039EPSS
Exploits0References10
FreeBSD
FreeBSD
added 2023/08/01 12:0 a.m.27 views

Gitlab -- Vulnerabilities

Gitlab reports: ReDoS via ProjectReferenceFilter in any Markdown fields ReDoS via AutolinkFilter in any Markdown fields Regex DoS in Harbor Registry search Arbitrary read of files owned by the "git" user via malicious tar.gz file upload using GitLab export functionality Stored XSS in Web IDE Beta...

9.8CVSS6.5AI score0.63765EPSS
Exploits2References1
OSV
OSV
added 2021/11/05 12:15 a.m.17 views

CVE-2021-39895

In all versions of GitLab CE/EE since version 8.0, an attacker can set the pipeline schedules to be active in a project export so when an unsuspecting owner imports that project, pipelines are active by default on that project. Under specialized conditions, this may lead to information disclosure...

4.5CVSS6AI score0.00984EPSS
Exploits0References3
NVD
NVD
added 2021/11/05 12:15 a.m.19 views

CVE-2021-39895

In all versions of GitLab CE/EE since version 8.0, an attacker can set the pipeline schedules to be active in a project export so when an unsuspecting owner imports that project, pipelines are active by default on that project. Under specialized conditions, this may lead to information disclosure...

6CVSS0.00984EPSS
Exploits0References3
OSV
OSV
added 2021/11/05 12:15 a.m.1 views

UBUNTU-CVE-2021-39895

In all versions of GitLab CE/EE since version 8.0, an attacker can set the pipeline schedules to be active in a project export so when an unsuspecting owner imports that project, pipelines are active by default on that project. Under specialized conditions, this may lead to information disclosure...

6CVSS5.8AI score0.00984EPSS
Exploits0References2
Rows per page
Query Builder