GitLab 13.2 < 14.8.6 / 14.9.x < 14.9.4 / 14.10.x < 14.10.1 Information Disclosure

According to its self-reported version, the instance of GitLab running on the remote web server is 13.2 prior to 14.8.6, 14.9.x prior to 14.9.4, or 14.10.x prior to 14.10.1. It is, therefore, affected by the following vulnerability: - An information disclosure vulnerability exists in confidential...

GitLab < 14.7.7 / 14.8.x < 14.8.5 / 14.9.x < 14.9.2 Multiple Vulnerabilities

According to its self-reported version, the instance of GitLab running on the remote web server is prior to 14.7.7 14.8.x prior to 14.8.5, or 14.9.x prior to 14.9.2. It is, therefore, affected by the following vulnerabilities: - Adding a very large number of tags to a runner in GitLab CE/EE allow...

GitLab 13.11.x < 14.7.7, 14.8.x < 14.8.5, 14.9.x < 14.9.2 Access Control Vulnerability

GitLab is prone to an access control vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:gitlab:gitlab"; if descriptio...

GitLab 12.1.x < 14.7.7, 14.8.x < 14.8.5, 14.9.x < 14.9.2 SSRF Vulnerability

GitLab is prone to a server-side request forgery SSRF vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

GitLab 12.2.x < 14.7.7, 14.8.x < 14.8.5, 14.9.x < 14.9.2 Information Disclosure Vulnerability

GitLab is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:gitlab:gitlab"; if...

GitLab 14.4.x < 14.7.7, 14.8.x < 14.8.5, 14.9.x < 14.9.2 XSS Vulnerability

GitLab is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:gitlab:gitlab"; if...

GitLab 14.7.x < 14.7.7, 14.8.x < 14.8.5, 14.9.x < 14.9.2 Hardcoded Password Vulnerability

GitLab is prone to a hardcoded password vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:gitlab:gitlab"; if...

GitLab 11.5.x < 14.7.7, 14.8.x < 14.8.5, 14.9.x < 14.9.2 Access Token Reuse Vulnerability

GitLab is prone to an access token reuse vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:gitlab:gitlab"; if...