Shodan
Vulnerabilities
Vulnerable Software
Gitlab:  >> Gitlab  >> 12.0.12  Security Vulnerabilities
CVE-2021-22206
An issue has been discovered in GitLab affecting all versions starting from 11.6. Pull mirror credentials are exposed that allows other maintainers to be able to view the credentials in plain-text,
CVSS Score
6.8
EPSS Score
0.001
Published
2021-05-06
CVE-2021-22205
Known exploited
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validating image files that were passed to a file parser which resulted in a remote command execution.
CVSS Score
10.0
EPSS Score
0.945
Published
2021-04-23
CVE-2021-22202
An issue has been discovered in GitLab CE/EE affecting all previous versions. If the victim is an admin, it was possible to issue a CSRF in System hooks through the API.
CVSS Score
2.4
EPSS Score
0.002
Published
2021-04-02
CVE-2021-22197
An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.6 where an infinite loop exist when an authenticated user with specific rights access a MR having source and target branch pointing to each other
CVSS Score
3.5
EPSS Score
0.004
Published
2021-04-02
CVE-2021-22194
In all versions of GitLab, marshalled session keys were being stored in Redis.
CVSS Score
5.7
EPSS Score
0.0
Published
2021-03-26
CVE-2021-22186
An authorization issue in GitLab CE/EE version 9.4 and up allowed a group maintainer to modify group CI/CD variables which should be restricted to group owners
CVSS Score
4.9
EPSS Score
0.002
Published
2021-03-24
CVE-2021-22193
An issue has been discovered in GitLab affecting all versions starting with 7.1. A member of a private group was able to validate the use of a specific name for private project.
CVSS Score
3.5
EPSS Score
0.003
Published
2021-03-24
CVE-2021-22176
An issue has been discovered in GitLab affecting all versions starting with 3.0.1. Improper access control allows demoted project members to access details on authored merge requests
CVSS Score
4.3
EPSS Score
0.003
Published
2021-03-24
CVE-2021-22183
An issue has been discovered in GitLab affecting all versions starting with 11.8. GitLab was vulnerable to a stored XSS in the epics page, which could be exploited with user interactions.
CVSS Score
4.1
EPSS Score
0.002
Published
2021-03-04
CVE-2021-22189
Starting with version 13.7 the Gitlab CE/EE editions were affected by a security issue related to the validation of the certificates for the Fortinet OTP that could result in authentication issues.
CVSS Score
5.9
EPSS Score
0.001
Published
2021-03-04


Products
Pricing
Contact Us

Shodan ® - All rights reserved