Search CVE reports
141 – 150 of 1245 results
CVE-2023-3909
Medium priorityAn issue has been discovered in GitLab CE/EE affecting all versions starting from 12.3 before 16.3.6, all versions starting from 16.4 before 16.4.2, all versions starting from 16.5 before 16.5.1. A Regular Expression Denial of...
1 affected packages
gitlab
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gitlab | Not in release | Not in release | Not in release | — | Ignored |
CVE-2023-3399
Medium priorityAn issue has been discovered in GitLab EE affecting all versions starting from 11.6 before 16.3.6, all versions starting from 16.4 before 16.4.2, all versions starting from 16.5 before 16.5.1. It was possible for an unauthorised...
2 affected packages
gitlab, gitlab-agent
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gitlab | Not in release | Not in release | Not in release | — | Needs evaluation |
gitlab-agent | Needs evaluation | Not in release | Not in release | — | — |
CVE-2023-3246
Medium priorityAn issue has been discovered in GitLab EE/CE affecting all versions starting before 16.3.6, all versions starting from 16.4 before 16.4.2, all versions starting from 16.5 before 16.5.1 which allows an attackers to block Sidekiq...
2 affected packages
gitlab, gitlab-agent
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gitlab | Not in release | Not in release | Not in release | — | Needs evaluation |
gitlab-agent | Needs evaluation | Not in release | Not in release | — | — |
CVE-2023-5831
Medium priorityAn issue has been discovered in GitLab CE/EE affecting all versions starting from 16.0 before 16.3.6, all versions starting from 16.4 before 16.4.2, and all versions starting from 16.5.0 before 16.5.1 which have...
1 affected packages
gitlab
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gitlab | Not in release | Not in release | Not in release | — | Ignored |
CVE-2023-5825
Medium priorityAn issue has been discovered in GitLab CE/EE affecting all versions starting from 16.2 before 16.3.6, all versions starting from 16.4 before 16.4.2, all versions starting from 16.5 before 16.5.1. A low-privileged attacker can...
1 affected packages
gitlab
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gitlab | Not in release | Not in release | Not in release | — | Ignored |
CVE-2023-46239
Medium priorityquic-go is an implementation of the QUIC protocol in Go. Starting in version 0.37.0 and prior to version 0.37.3, by serializing an ACK frame after the CRYTPO that allows a node to complete the handshake, a remote node could...
1 affected packages
golang-github-lucas-clemente-quic-go
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
golang-github-lucas-clemente-quic-go | Needs evaluation | Needs evaluation | Not in release | Ignored | Ignored |
CVE-2023-46129
Medium priorityNATS.io is a high performance open source pub-sub distributed communication technology, built for the cloud, on-premise, IoT, and edge computing. The cryptographic key handling library, nkeys, recently gained support...
2 affected packages
golang-github-nats-io-nkeys, nats-server
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
golang-github-nats-io-nkeys | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
nats-server | Needs evaluation | Not in release | Not in release | Ignored | Ignored |
CVE-2023-45683
Medium prioritygithub.com/crewjam/saml is a saml library for the go language. In affected versions the package does not validate the ACS Location URI according to the SAML binding being parsed. If abused, this flaw allows attackers to register...
1 affected packages
golang-github-crewjam-saml
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
golang-github-crewjam-saml | Needs evaluation | Needs evaluation | Not in release | Not in release | Not in release |
CVE-2023-5106
Medium priorityAn issue has been discovered in Ultimate-licensed GitLab EE affecting all versions starting 13.12 prior to 16.2.8, 16.3.0 prior to 16.3.5, and 16.4.0 prior to 16.4.1 that could allow an attacker to impersonate users in...
1 affected packages
gitlab
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gitlab | Not in release | Not in release | Not in release | Ignored | Ignored |
CVE-2023-5207
Medium priorityA vulnerability was discovered in GitLab CE and EE affecting all versions starting 16.0 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1. An authenticated attacker could perform arbitrary pipeline execution under...
1 affected packages
gitlab
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gitlab | Not in release | Not in release | Not in release | Ignored | Ignored |