Exposição de GitLab
Development, Issue trackers312
score de exposição
761
sites usam
4
em exploração
24
críticos
CVEs
1.055 resultadosCVE-2021-39893MEDIUMA potential DOS vulnerability was discovered in GitLab starting with version 9.1 that allowed parsing files without authorisation.EPSS 1.1%CVE-2022-1460MEDIUMAn issue has been discovered in GitLab affecting all versions starting from 9.2 before 14.8.6, all versions starting from 14.9 before 14.9.4EPSS 1.1%CVE-2022-2531MEDIUMAn issue has been discovered in GitLab EE affecting all versions starting from 12.5 before 15.0.5, all versions starting from 15.1 before 15EPSS 1.1%CVE-2022-1406MEDIUMImproper input validation in GitLab CE/EE affecting all versions from 8.12 prior to 14.8.6, all versions from 14.9.0 prior to 14.9.4, and 14EPSS 1.1%CVE-2021-22229MEDIUMAn issue has been discovered in GitLab CE/EE affecting all versions starting with 12.8. Under a special condition it was possible to access EPSS 1.1%CVE-2020-13264MEDIUMKubernetes cluster token disclosure in GitLab CE/EE 10.3 and later through 13.0.1 allows other group maintainers to view Kubernetes cluster EPSS 1.1%CVE-2019-5474—An authorization issue was discovered in GitLab EE < 12.1.2, < 12.0.4, and < 11.11.6 allowing the merge request approval rules to be overridEPSS 1.1%CVE-2021-22198MEDIUMAn issue has been discovered in GitLab CE/EE affecting all versions from 13.8 and above allowing an authenticated user to delete incident meEPSS 1.1%CVE-2022-3572CRITICALA cross-site scripting issue has been discovered in GitLab CE/EE affecting all versions from 13.5 prior to 15.3.5, 15.4 prior to 15.4.4, andEPSS 1.1%CVE-2022-0344LOWAn issue has been discovered in GitLab affecting all versions starting from 10.0 before 14.5.4, all versions starting from 10.1 before 14.6.EPSS 1.1%CVE-2020-13268MEDIUMA specially crafted request could be used to confirm the existence of files hosted on object storage services, without disclosing their contEPSS 1.1%CVE-2023-1708MEDIUMAn issue was identified in GitLab CE/EE affecting all versions from 1.0 prior to 15.8.5, 15.9 prior to 15.9.4, and 15.10 prior to 15.10.1 whEPSS 1.1%CVE-2022-2229HIGHAn improper authorization issue in GitLab CE/EE affecting all versions from 13.7 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 1EPSS 1.1%CVE-2022-2931HIGHA potential DOS vulnerability was discovered in GitLab CE/EE affecting all versions before 15.1.6, all versions starting from 15.2 before 15EPSS 1.1%CVE-2021-22263MEDIUMAn issue has been discovered in GitLab affecting all versions starting from 13.0 before 14.0.9, all versions starting from 14.1 before 14.1.EPSS 1.1%CVE-2021-22181HIGHA denial of service vulnerability in GitLab CE/EE affecting all versions since 11.8 allows an attacker to create a recursive pipeline relatiEPSS 1.1%CVE-2021-22248MEDIUMImproper authorization on the pipelines page in GitLab CE/EE affecting all versions since 13.12 allowed unauthorized users to view some pipeEPSS 1.1%CVE-2020-13280MEDIUMFor GitLab before 13.0.12, 13.1.6, 13.2.3 a memory exhaustion flaw exists due to excessive logging of an invite email error message.EPSS 1.1%CVE-2022-2592MEDIUMA lack of length validation in Snippet descriptions in GitLab CE/EE affecting all versions prior to 15.1.6, 15.2 prior to 15.2.4 and 15.3 prEPSS 1.0%CVE-2020-13275HIGHA user with an unverified email address could request an access to domain restricted groups in GitLab EE 12.2 and later through 13.0.1EPSS 1.0%
Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →