GitLab Exposure

Development, Issue trackers
Exposure score: 312
Sites using it: 761
Under exploitation: 4
Critical: 24

CVEs

1,055 results
CVE-2020-13274 (HIGH, EPSS 1.1%): A security issue allowed achieving Denial of Service attacks through memory exhaustion by uploading malicious artifacts in all previous GitL
CVE-2020-13301 (MEDIUM, EPSS 1.1%): A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. GitLab was vulnerable to a stored XSS on the standalone
CVE-2022-0152 (MEDIUM, EPSS 1.1%): An issue has been discovered in GitLab affecting all versions starting from 13.10 before 14.4.5, all versions starting from 14.5.0 before 14
CVE-2021-22195 (HIGH, EPSS 1.1%): Client side code execution in gitlab-vscode-extension v3.15.0 and earlier allows attacker to execute code on user system
CVE-2021-39915 (MEDIUM, EPSS 1.1%): Improper access control in the GraphQL API in GitLab CE/EE affecting all versions starting from 13.0 before 14.3.6, all versions starting fr
CVE-2021-39875 (MEDIUM, EPSS 1.1%): In all versions of GitLab CE/EE since version 13.6, it is possible to see pending invitations of any public group or public project by visit
CVE-2019-5465 (EPSS 1.1%): An information disclosure issue was discovered in GitLab CE/EE 8.14 and later, by using the move issue feature which could result in disclos
CVE-2020-13302 (LOW, EPSS 1.1%): A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. Under certain conditions GitLab was not properly revoki
CVE-2022-1148 (MEDIUM, EPSS 1.1%): Improper authorization in GitLab Pages included with GitLab CE/EE affecting all versions from 11.5 prior to 14.7.7, 14.8 prior to 14.8.5, an
CVE-2021-22252 (MEDIUM, EPSS 1.1%): A confusion between tag and branch names in GitLab CE/EE affecting all versions since 13.7 allowed a Developer to access protected CI variab
CVE-2022-0249 (LOW, EPSS 1.1%): A vulnerability was discovered in GitLab starting with version 12. GitLab was vulnerable to a blind SSRF attack since requests to shared add
CVE-2022-1963 (MEDIUM, EPSS 1.1%): An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.4 before 14.10.5, all versions starting from 15.0 befor
CVE-2021-22178 (MEDIUM, EPSS 1.1%): An issue has been discovered in GitLab affecting all versions starting from 13.2. Gitlab was vulnerable to SRRF attack through the Prometheu
CVE-2020-13290 (HIGH, EPSS 1.1%): In GitLab before 13.0.12, 13.1.6, and 13.2.3, improper access control was used on the Applications page
CVE-2022-0151 (MEDIUM, EPSS 1.1%): An issue has been discovered in GitLab affecting all versions starting from 12.10 before 14.4.5, all versions starting from 14.5.0 before 14
CVE-2019-15590 (EPSS 1.1%): An access control issue exists in < 12.3.5, < 12.2.8, and < 12.1.14 for GitLab Community Edition (CE) and Enterprise Edition (EE) where priv
CVE-2020-13323 (HIGH, EPSS 1.1%): A vulnerability was discovered in GitLab versions prior 13.1. Under certain conditions private merge requests could be read via Todos
CVE-2021-39903 (MEDIUM, EPSS 1.1%): In all versions of GitLab CE/EE since version 13.0, a privileged user, through an API call, can change the visibility level of a group or a
CVE-2020-13284 (MEDIUM, EPSS 1.1%): A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. API Authorization Using Outdated CI Job Token
CVE-2023-5207 (HIGH, EPSS 1.1%): Execution with Unnecessary Privileges in GitLab
