GitLab Exposure
Development, Issue trackers
Exposure score: 312
Sites using it: 761
Being exploited: 4
Critical: 24
CVEs
1,055 results

CVE | Severity | Description | EPSS
CVE-2023-2199 | HIGH | An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.0 before 15.10.8, all versions starting from 15.11 befo | EPSS 1.3%
CVE-2023-2132 | HIGH | An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 15.10.8, all versions starting from 15.11 befo | EPSS 1.3%
CVE-2020-13346 | MEDIUM | Membership changes are not reflected in ToDo subscriptions in GitLab versions prior to 13.2.10, 13.3.7 and 13.4.2, allowing guest users to a | EPSS 1.3%
CVE-2021-22190 | HIGH | A path traversal vulnerability via the GitLab Workhorse in all versions of GitLab could result in the leakage of a JWT token | EPSS 1.3%
CVE-2021-22188 | MEDIUM | An issue has been discovered in GitLab affecting all versions starting with 13.0. Confidential issue titles in Gitlab were readable by an un | EPSS 1.3%
CVE-2022-0090 | MEDIUM | An issue has been discovered affecting GitLab versions prior to 14.4.5, between 14.5.0 and 14.5.3, and between 14.6.0 and 14.6.1. GitLab is | EPSS 1.3%
CVE-2023-2232 | MEDIUM | An issue has been discovered in GitLab affecting all versions starting from 15.10 before 16.1, leading to a ReDoS vulnerability in the Jira | EPSS 1.3%
CVE-2017-0917 | — | Gitlab Community Edition version 10.2.4 is vulnerable to lack of input validation in the CI job component resulting in persistent cross site | EPSS 1.3%
CVE-2020-13300 | HIGH | GitLab CE/EE version 13.3 prior to 13.3.4 was vulnerable to an OAuth authorization scope change without user consent in the middle of the au | EPSS 1.3%
CVE-2022-1185 | MEDIUM | A denial of service vulnerability when rendering RDoc files in GitLab CE/EE versions 10 to 14.7.7, 14.8.0 to 14.8.5, and 14.9.0 to 14.9.2 al | EPSS 1.3%
CVE-2020-13309 | MEDIUM | A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. GitLab was vulnerable to a blind SSRF attack through th | EPSS 1.3%
CVE-2022-3411 | MEDIUM | A lack of length validation in GitLab CE/EE affecting all versions from 12.4 before 15.6.7, 15.7 before 15.7.6, and 15.8 before 15.8.1 allow | EPSS 1.2%
CVE-2021-39898 | LOW | In all versions of GitLab CE/EE since version 10.6, a project export leaks the external webhook token value which may allow access to the pr | EPSS 1.2%
CVE-2020-26409 | MEDIUM | A DOS vulnerability exists in Gitlab CE/EE >=10.3, <13.4.7,>=13.5, <13.5.5,>=13.6, <13.6.2 that allows an attacker to trigger uncontrolled r | EPSS 1.2%
CVE-2023-0121 | MEDIUM | Allocation of Resources Without Limits or Throttling in GitLab | EPSS 1.2%
CVE-2020-13298 | HIGH | A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. Conan package upload functionality was not properly val | EPSS 1.2%
CVE-2023-1733 | MEDIUM | A denial of service condition exists in the Prometheus server bundled with GitLab affecting all versions from 11.10 to 15.8.5, 15.9 to 15.9. | EPSS 1.2%
CVE-2022-1352 | MEDIUM | Due to an insecure direct object reference vulnerability in Gitlab EE/CE affecting all versions from 11.0 prior to 14.8.6, 14.9 prior to 14. | EPSS 1.2%
CVE-2021-39892 | MEDIUM | In all versions of GitLab CE/EE since version 12.0, a lower privileged user can import users from projects that they don't have a maintainer | EPSS 1.2%
CVE-2021-39869 | MEDIUM | In all versions of GitLab CE/EE since version 8.9, project exports may expose trigger tokens configured on that project. | EPSS 1.2%