15 matches found
CVE-2026-20706
Summary of CVE-2026-20706 (Gitea) Gitea versions up to and including 1.26.1 allow repository archive downloads to bypass token scope checks on the web archive download endpoint. The root cause is that the Download function (routers/web/repo/repo.go) did not invoke token scope validation (checkDow...
CVE-2025-13929
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 10.0 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an unauthenticated user to cause a denial of service by issuing specially crafted requests to repository archive endpoints under certai...
BIT-GITLAB-2025-13929 Allocation of Resources Without Limits or Throttling in GitLab
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 10.0 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an unauthenticated user to cause a denial of service by issuing specially crafted requests to repository archive endpoints under certai...
UBUNTU-CVE-2025-13929
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 10.0 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an unauthenticated user to cause a denial of service by issuing specially crafted requests to repository archive endpoints under certai...
CVE-2025-13929
Removed by vendor...
CVE-2025-13929 Allocation of Resources Without Limits or Throttling in GitLab
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 10.0 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an unauthenticated user to cause a denial of service by issuing specially crafted requests to repository archive endpoints under certai...
PT-2026-24709
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 10.0 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an unauthenticated user to cause a denial of service by issuing specially crafted requests to repository archive endpoints under certai...
Linux Distros Unpatched Vulnerability : CVE-2020-10954
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - GitLab through 12.9 is affected by a potential DoS in repository archive download. CVE-2020-10954 Note that Nessus relies on the presence of the package as...
CVE-2020-10954
GitLab through 12.9 is affected by a potential DoS in repository archive download...
Design/Logic Flaw
GitLab through 12.9 is affected by a potential DoS in repository archive download...
CVE-2020-10954
GitLab through 12.9 is affected by a potential DoS in repository archive download...
UBUNTU-CVE-2020-10954
GitLab through 12.9 is affected by a potential DoS in repository archive download...
CVE-2020-10954
Removed by vendor...
Gitlab -- Multiple Vulnerabilities
Gitlab reports: Arbitrary File Read when Moving an Issue; Path Traversal in NPM Package Registry; SSRF on Project Import; External Users Can Create Personal Snippet; Triggers Description Can be Updated by Other Maintainers in Project; Information Disclosure on Confidential Issues Moved to Private...
crust repo has been archived; use libp2p instead
The crust crate repo was archived with no warning or explanation. Given that it was archived with no warning or successor, there's not an official replacement but rust-libp2p looks like it's got a similar feature set and is actively maintained...