GitLab Exposure
Development, Issue trackers
Exposure score: 331
Sites using it: 761
Being exploited: 4
Critical: 24
CVEs
1,068 results
CVE-2021-39885 (HIGH, EPSS 1.0%): A Stored XSS in merge request creation page in all versions of Gitlab EE starting from 13.7 before 14.1.7, all versions starting from 14.2 b
CVE-2021-22261 (HIGH, EPSS 1.0%): A stored Cross-Site Scripting vulnerability in the Jira integration in all GitLab versions starting from 13.9 before 14.0.9, all versions st
CVE-2021-39866 (MEDIUM, EPSS 1.0%): A business logic error in the project deletion process in GitLab 13.6 and later allows persistent access via project access tokens.
CVE-2021-22223 (MEDIUM, EPSS 0.9%): Client-Side code injection through Feature Flag name in GitLab CE/EE starting with 11.9 allows a specially crafted feature flag name to PUT
CVE-2022-0125 (MEDIUM, EPSS 0.9%): An issue has been discovered in GitLab affecting all versions starting from 12.0 before 14.4.5, all versions starting from 14.5.0 before 14.
CVE-2022-1783 (LOW, EPSS 0.9%): An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.3 before 14.9.5, all versions starting from 14.10 befor
CVE-2021-22227 (MEDIUM, EPSS 0.9%): A reflected cross-site script vulnerability in GitLab before versions 13.11.6, 13.12.6 and 14.0.2 allowed an attacker to send a malicious li
CVE-2021-22179 (MEDIUM, EPSS 0.9%): A vulnerability was discovered in GitLab versions before 12.2. GitLab was vulnerable to a SSRF attack through the Outbound Requests feature.
CVE-2022-3279 (LOW, EPSS 0.9%): An unhandled exception in job log parsing in GitLab CE/EE affecting all versions prior to 15.2.5, 15.3 prior to 15.3.4, and 15.4 prior to 15
CVE-2024-2818 (MEDIUM, EPSS 0.9%): Allocation of Resources Without Limits or Throttling in GitLab
CVE-2021-39905 (MEDIUM, EPSS 0.9%): An information disclosure vulnerability in the GitLab CE/EE API since version 8.9.6 allows a user to see basic information on private groups
CVE-2023-1098 (MEDIUM, EPSS 0.9%): An information disclosure vulnerability has been discovered in GitLab EE/CE affecting all versions starting from 11.5 before 15.8.5, all ver
CVE-2022-2907 (MEDIUM, EPSS 0.9%): An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.9 before 15.1.6, all versions starting from 15.2 before
CVE-2021-22196 (MEDIUM, EPSS 0.9%): An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.4. It was possible to exploit a stored cross-site-scrip
CVE-2023-4522 (MEDIUM, EPSS 0.9%): Improper Validation of Specified Type of Input in GitLab
CVE-2021-22209 (HIGH, EPSS 0.9%): An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.8. GitLab was not properly validating authorisation tok
CVE-2022-0373 (MEDIUM, EPSS 0.9%): Improper access control in GitLab CE/EE versions 12.4 to 14.5.4, 14.5 to 14.6.4, and 12.6 to 14.7.1 allows project non-members to retrieve t
CVE-2021-39870 (MEDIUM, EPSS 0.9%): In all versions of GitLab CE/EE since version 11.11, an instance that has the setting to disable Repo by URL import enabled is bypassed by a
CVE-2020-13325 (HIGH, EPSS 0.9%): A vulnerability was discovered in GitLab versions prior 13.1. The comment section of the issue page was not restricting the characters prope
CVE-2022-1417 (MEDIUM, EPSS 0.9%): Improper access control in GitLab CE/EE affecting all versions starting from 8.12 before 14.8.6, all versions starting from 14.9 before 14.9