3 matches found
CVE-2022-2251
GitLab Runner (GitLab) suffers from an OS command injection due to improper sanitization/cleanup of branch names. A user can create a specially crafted branch name and cause another user’s pipeline to execute commands in the runner as that user. Affected versions are prior to 15.3.5, 15.4 prior t...
CVE-2020-13295
CVE-2020-13295 affects GitLab Runner versions prior to 13.0.12, 13.1.6, and 13.2.3. The vulnerability arises when dockerd is replaced with a malicious server, which leaves Shared Runners susceptible to SSRF. The connected sources (OSV, NVD/NVD-derived entries, and related ecosystem advisories) confirm t...
CVE-2020-13327
CVE-2020-13327 affects GitLab Runner and is caused by insecure runner configuration in Kubernetes environments. Affected versions include 13.4.0–13.4.1 (before 13.4.2), 13.3.0–13.3.6 (before 13.3.7), and 13.2.0–13.2.9 (before 13.2.10). The provided documents do not specify the exact root cause or...