15 matches found

CVE
added 2 days ago | 26 views

CVE-2026-20706

Summary of CVE-2026-20706 (Gitea) Gitea versions up to and including 1.26.1 allow repository archive downloads to bypass token scope checks on the web archive download endpoint. The root cause is that the Download function (routers/web/repo/repo.go) did not invoke token scope validation (checkDow...

AI score: 7.1 | EPSS: 0.00256
Exploits: 0 | References: 4
RedhatCVE
added 2026/03/26 3:5 p.m. | 4 views

CVE-2025-13929

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 10.0 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an unauthenticated user to cause a denial of service by issuing specially crafted requests to repository archive endpoints under certai...

CVSS: 7.5 | AI score: 5.8 | EPSS: 0.00523
Exploits: 0 | References: 1
OSV
added 2026/03/13 9:31 a.m. | 2 views

BIT-GITLAB-2025-13929 Allocation of Resources Without Limits or Throttling in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 10.0 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an unauthenticated user to cause a denial of service by issuing specially crafted requests to repository archive endpoints under certai...

CVSS: 7.5 | AI score: 5.8 | EPSS: 0.00523
Exploits: 0 | References: 5
OSV
added 2026/03/11 4:16 p.m. | 4 views

UBUNTU-CVE-2025-13929

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 10.0 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an unauthenticated user to cause a denial of service by issuing specially crafted requests to repository archive endpoints under certai...

CVSS: 7.5 | AI score: 5.8 | EPSS: 0.00523
Exploits: 0 | References: 2
Debian CVE
added 2026/03/11 4:5 p.m. | 3 views

CVE-2025-13929

Removed by vendor...

CVSS: 7.5 | AI score: 5.8 | EPSS: 0.00523
Exploits: 0
Cvelist
added 2026/03/11 4:5 p.m. | 25 views

CVE-2025-13929 Allocation of Resources Without Limits or Throttling in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 10.0 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an unauthenticated user to cause a denial of service by issuing specially crafted requests to repository archive endpoints under certai...

CVSS: 7.5 | EPSS: 0.00523
Exploits: 0 | References: 4
Positive Technologies
added 2026/03/11 12:0 a.m. | 3 views

PT-2026-24709

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 10.0 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an unauthenticated user to cause a denial of service by issuing specially crafted requests to repository archive endpoints under certai...

CVSS: 7.5 | AI score: 5.8 | EPSS: 0.00523
Exploits: 0 | References: 9
Tenable Nessus
added 2025/08/30 12:0 a.m. | 6 views

Linux Distros Unpatched Vulnerability : CVE-2020-10954

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitLab through 12.9 is affected by a potential DoS in repository archive download. CVE-2020-10954 Note that Nessus relies on the presence of the package as...

CVSS: 7.5 | AI score: 6.2 | EPSS: 0.01148
Exploits: 0 | References: 2
OSV
added 2020/03/27 7:15 p.m. | 15 views

CVE-2020-10954

GitLab through 12.9 is affected by a potential DoS in repository archive download...

CVSS: 7.5 | AI score: 6.5
Exploits: 0 | References: 2
Prion
added 2020/03/27 7:15 p.m. | 16 views

Design/Logic Flaw

GitLab through 12.9 is affected by a potential DoS in repository archive download...

CVSS: 5 | AI score: 7.5 | EPSS: 0.01148
Exploits: 0 | References: 2 | Affected Software: 1
UbuntuCve
added 2020/03/27 7:15 p.m. | 28 views

CVE-2020-10954

GitLab through 12.9 is affected by a potential DoS in repository archive download...

CVSS: 7.5 | AI score: 6.7 | EPSS: 0.01148
Exploits: 0 | References: 3
OSV
added 2020/03/27 7:15 p.m. | 1 views

UBUNTU-CVE-2020-10954

GitLab through 12.9 is affected by a potential DoS in repository archive download...

CVSS: 7.5 | AI score: 6 | EPSS: 0.01148
Exploits: 0 | References: 4
Debian CVE
added 2020/03/27 6:50 p.m. | 25 views

CVE-2020-10954

Removed by vendor...

CVSS: 7.5 | AI score: 6.6 | EPSS: 0.01148
Exploits: 0
FreeBSD
added 2020/03/26 12:0 a.m. | 45 views

Gitlab -- Multiple Vulnerabilities

Gitlab reports: Arbitrary File Read when Moving an Issue; Path Traversal in NPM Package Registry; SSRF on Project Import; External Users Can Create Personal Snippet; Triggers Description Can be Updated by Other Maintainers in Project; Information Disclosure on Confidential Issues Moved to Private...

CVSS: 9.8 | AI score: 2 | EPSS: 0.01448
Exploits: 0 | References: 1
RustSec
added 2019/11/21 12:0 p.m. | 20 views

crust repo has been archived; use libp2p instead

The crust crate repo was archived with no warning or explanation. Given that it was archived with no warning or successor, there's not an official replacement but rust-libp2p looks like it's got a similar feature set and is actively maintained...

AI score: 2.4
Exploits: 0 | Affected Software: 1