Search CVE reports
801 – 810 of 1132 results
GitLab through 12.9 is affected by a potential DoS in repository archive download.
1 affected package
gitlab
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| gitlab | Not in release | Not in release | Not in release | Not in release |
In GitLab EE 11.7 through 12.9, the NPM feature is vulnerable to a path traversal issue.
1 affected package
gitlab
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| gitlab | — | — | — | Not in release |
GitLab EE/CE 8.11 through 12.9.1 allows blocked users to pull/push docker images.
1 affected package
gitlab
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| gitlab | — | — | — | Not in release |
GitLab 12.1 through 12.8.1 allows XSS. A stored cross-site scripting vulnerability was discovered when displaying merge requests.
1 affected package
gitlab
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| gitlab | — | — | — | Not in release |
GitLab 12.5 through 12.8.1 allows HTML Injection. A particular error header was potentially susceptible to injection or potentially other vulnerabilities via unescaped input.
1 affected package
gitlab
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| gitlab | — | — | — | Not in release |
GitLab 10.1 through 12.8.1 has Incorrect Access Control. A scenario was discovered in which a GitLab account could be taken over through an expired link.
1 affected package
gitlab
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| gitlab | Not in release | Not in release | Not in release | Not in release |
GitLab 12.1 through 12.8.1 allows XSS. A cross-site scripting vulnerability was present in a particular view relating to the Grafana integration.
1 affected package
gitlab
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| gitlab | — | — | — | Not in release |
GitLab 9.3 through 12.8.1 allows XSS. A cross-site scripting vulnerability was found when viewing particular file types.
1 affected package
gitlab
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| gitlab | — | — | — | Not in release |
GitLab 11.7 through 12.8.1 allows Information Disclosure. Under certain group conditions, group epic information was unintentionally being disclosed.
1 affected package
gitlab
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| gitlab | — | — | — | Not in release |
GitLab 8.11 through 12.8.1 allows a Denial of Service when using several features to recursively request eachother,
1 affected package
gitlab
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| gitlab | — | — | — | Not in release |