Search CVE reports

Toggle filters

521 – 530 of 1533 results

CVE-2019-14944

Medium priority
Not affected

An issue was discovered in GitLab Community and Enterprise Edition before 11.11.8, 12 before 12.0.6, and 12.1 before 12.1.6. Gitaly allows injection of command-line flags. This sometimes leads to privilege escalation or remote...

1 affected package

gitlab

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
gitlab Not in release
Show less packages

CVE-2019-14942

Medium priority
Not affected

An issue was discovered in GitLab Community and Enterprise Edition before 11.11.8, 12 before 12.0.6, and 12.1 before 12.1.6. Cookies for GitLab Pages (which have access control) could be sent over cleartext HTTP.

1 affected package

gitlab

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
gitlab Not in release
Show less packages

CVE-2018-17537

Medium priority
Not affected

An issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. blog-viewer has stored XSS during repository browsing, if package.json exists. .

1 affected package

gitlab

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
gitlab Not in release
Show less packages

CVE-2018-17536

Medium priority
Not affected

An issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. There is stored XSS on the merge request page via project import.

1 affected package

gitlab

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
gitlab Not in release
Show less packages

CVE-2018-17455

Medium priority
Not affected

An issue was discovered in GitLab Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. Attackers could obtain sensitive information about group names, avatars, LDAP settings, and descriptions via an...

1 affected package

gitlab

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
gitlab Not in release
Show less packages

CVE-2018-17454

Medium priority
Not affected

An issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. There is stored XSS on the issue details screen.

1 affected package

gitlab

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
gitlab Not in release
Show less packages

CVE-2018-17453

Medium priority
Not affected

An issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. Attackers may have been able to obtain sensitive access-token data from Sentry logs via...

1 affected package

gitlab

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
gitlab Not in release
Show less packages

CVE-2018-17452

Medium priority
Ignored

An issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. There is Server-Side Request Forgery (SSRF) via a loopback address to the validate_localhost...

1 affected package

gitlab

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
gitlab Not in release Not in release Not in release Not in release
Show less packages

CVE-2018-17451

Medium priority
Not affected

An issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. There is Cross Site Request Forgery (CSRF) in the Slack integration for issuing slash commands.

1 affected package

gitlab

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
gitlab Not in release
Show less packages

CVE-2018-17450

Medium priority
Not affected

An issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. There is Server-Side Request Forgery (SSRF) via the Kubernetes integration, leading (for example) to...

1 affected package

gitlab

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
gitlab Not in release
Show less packages
  1. Previous page
  2. 51
  3. 52
  4. 53
  5. 54
  6. 55
  7. Next page
Export to JSON