Search CVE reports
121 – 130 of 1291 results
CVE-2024-4024
Medium priorityAn issue has been discovered in GitLab CE/EE affecting all versions starting from 7.8 before 16.9.6, all versions starting from 16.10 before 16.10.4, all versions starting from 16.11 before 16.11.1. Under certain conditions, an...
2 affected packages
gitlab, gitlab-agent
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| gitlab | Not in release | Not in release | Not in release | — | Ignored |
| gitlab-agent | Needs evaluation | Not in release | Not in release | — | — |
CVE-2024-4006
Medium priorityAn issue has been discovered in GitLab CE/EE affecting all versions starting from 16.7 before 16.9.6, all versions starting from 16.10 before 16.10.4, all versions starting from 16.11 before 16.11.1 where personal access scopes...
2 affected packages
gitlab, gitlab-agent
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| gitlab | Not in release | Not in release | Not in release | — | Ignored |
| gitlab-agent | Needs evaluation | Not in release | Not in release | — | — |
CVE-2024-2829
Medium priorityAn issue has been discovered in GitLab CE/EE affecting all versions starting from 12.5 before 16.9.6, all versions starting from 16.10 before 16.10.4, all versions starting from 16.11 before 16.11.1. A crafted wildcard filter in...
2 affected packages
gitlab, gitlab-agent
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| gitlab | Not in release | Not in release | Not in release | — | Ignored |
| gitlab-agent | Needs evaluation | Not in release | Not in release | — | — |
CVE-2024-2434
Medium priorityAn issue has been discovered in GitLab affecting all versions of GitLab CE/EE 16.9 prior to 16.9.6, 16.10 prior to 16.10.4, and 16.11 prior to 16.11.1 where path traversal could lead to DoS and restricted file read.
2 affected packages
gitlab, gitlab-agent
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| gitlab | Not in release | Not in release | Not in release | — | Ignored |
| gitlab-agent | Needs evaluation | Not in release | Not in release | — | — |
CVE-2024-1347
Medium priorityAn issue has been discovered in GitLab CE/EE affecting all versions before 16.9.6, all versions starting from 16.10 before 16.10.4, all versions starting from 16.11 before 16.11.1. Under certain conditions, an attacker through a...
2 affected packages
gitlab, gitlab-agent
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| gitlab | Not in release | Not in release | Not in release | — | Ignored |
| gitlab-agent | Needs evaluation | Not in release | Not in release | — | — |
CVE-2024-3817
Medium priorityHashiCorp’s go-getter library is vulnerable to argument injection when executing Git to discover remote branches. This vulnerability does not affect the go-getter/v2 branch and package.
2 affected packages
golang-github-hashicorp-go-getter, golang-github-jesseduffield-go-getter
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| golang-github-hashicorp-go-getter | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | — |
| golang-github-jesseduffield-go-getter | Needs evaluation | Needs evaluation | Needs evaluation | — | — |
CVE-2024-3092
Medium priorityAn issue has been discovered in GitLab CE/EE affecting all versions starting from 16.9 before 16.9.4, all versions starting from 16.10 before 16.10.2. A payload may lead to a Stored XSS while using the diff viewer, allowing...
1 affected package
gitlab
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| gitlab | Not in release | Not in release | Not in release | — | Ignored |
CVE-2024-2279
Medium priorityAn issue has been discovered in GitLab CE/EE affecting all versions starting from 16.7 to 16.8.6 all versions starting from 16.9 before 16.9.4, all versions starting from 16.10 before 16.10.2. Using the autocomplete for issues...
1 affected package
gitlab
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| gitlab | Not in release | Not in release | Not in release | — | Ignored |
CVE-2023-6678
Medium priorityAn issue has been discovered in GitLab EE affecting all versions before 16.8.6, all versions starting from 16.9 before 16.9.4, all versions starting from 16.10 before 16.10.2. It was possible for an attacker to cause a denial of...
1 affected package
gitlab
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| gitlab | — | Not in release | Not in release | — | Not affected |
CVE-2023-6489
Medium priorityA denial of service vulnerability was identified in GitLab CE/EE, versions 16.7.7 prior to 16.8.6, 16.9 prior to 16.9.4 and 16.10 prior to 16.10.2 which allows an attacker to spike the GitLab instance resources usage resulting in...
1 affected package
gitlab
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| gitlab | Not in release | Not in release | Not in release | — | Ignored |