Search CVE reports
71 – 80 of 1245 results
CVE-2024-2454
Medium priorityAn issue has been discovered in GitLab CE/EE affecting all versions starting from 15.11 prior to 16.9.7, starting from 16.10 prior to 16.10.5, and starting from 16.11 prior to 16.11.2. The pins endpoint is susceptible to DoS...
1 affected packages
gitlab
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gitlab | Not in release | Not in release | Not in release | — | Ignored |
CVE-2023-6688
Medium priorityAn issue has been discovered in GitLab CE/EE affecting all versions starting from 16.11 prior to 16.11.2. A problem with the processing logic for Google Chat Messages integration may lead to a regular expression DoS attack on the server.
1 affected packages
gitlab
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gitlab | Not in release | Not in release | Not in release | — | Ignored |
CVE-2023-6682
Medium priorityAn issue has been discovered in GitLab CE/EE affecting all versions starting from 16.9 prior to 16.9.7, starting from 16.10 prior to 16.10.5, and starting from 16.11 prior to 16.11.2. A problem with the processing logic for...
1 affected packages
gitlab
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gitlab | Not in release | Not in release | Not in release | — | Ignored |
CVE-2024-3661
Medium priorityDHCP can add routes to a client’s routing table via the classless static route option (121). VPN-based security solutions that rely on routes to redirect traffic can be forced to leak traffic over the physical interface. An...
29 affected packages
connman, gadmin-openvpn-client, gadmin-openvpn-server, golang-github-apparentlymart-go-openvpn-mgmt, kvpnc...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
connman | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
gadmin-openvpn-client | Not in release | Not in release | Vulnerable | Vulnerable | Vulnerable |
gadmin-openvpn-server | Not in release | Not in release | Vulnerable | Vulnerable | Vulnerable |
golang-github-apparentlymart-go-openvpn-mgmt | Vulnerable | Vulnerable | Vulnerable | — | — |
kvpnc | Not in release | Not in release | Not in release | Vulnerable | Vulnerable |
libreswan | Vulnerable | Vulnerable | Vulnerable | Vulnerable | — |
mozillavpn | Not in release | Vulnerable | Not in release | — | — |
n2n | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
network-manager-fortisslvpn | Vulnerable | Vulnerable | Vulnerable | Vulnerable | — |
network-manager-iodine | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
network-manager-l2tp | Vulnerable | Vulnerable | Vulnerable | Vulnerable | — |
network-manager-openconnect | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
network-manager-openvpn | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
network-manager-pptp | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
network-manager-sstp | Vulnerable | Vulnerable | Not in release | — | — |
network-manager-strongswan | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
network-manager-vpnc | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
openconnect | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
openfortivpn | Vulnerable | Vulnerable | Vulnerable | Vulnerable | — |
openvpn | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
pptp-linux | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
pptpd | Not in release | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
quicktun | Vulnerable | Vulnerable | Vulnerable | Vulnerable | — |
riseup-vpn | Vulnerable | Not in release | Not in release | — | — |
softether-vpn | Vulnerable | Vulnerable | Not in release | — | — |
sshuttle | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
tinc | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
vpnc | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
wireguard | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
CVE-2024-4024
Medium priorityAn issue has been discovered in GitLab CE/EE affecting all versions starting from 7.8 before 16.9.6, all versions starting from 16.10 before 16.10.4, all versions starting from 16.11 before 16.11.1. Under certain conditions, an...
2 affected packages
gitlab, gitlab-agent
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gitlab | Not in release | Not in release | Not in release | — | Ignored |
gitlab-agent | Needs evaluation | Not in release | Not in release | — | — |
CVE-2024-4006
Medium priorityAn issue has been discovered in GitLab CE/EE affecting all versions starting from 16.7 before 16.9.6, all versions starting from 16.10 before 16.10.4, all versions starting from 16.11 before 16.11.1 where personal access scopes...
2 affected packages
gitlab, gitlab-agent
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gitlab | Not in release | Not in release | Not in release | — | Ignored |
gitlab-agent | Needs evaluation | Not in release | Not in release | — | — |
CVE-2024-2829
Medium priorityAn issue has been discovered in GitLab CE/EE affecting all versions starting from 12.5 before 16.9.6, all versions starting from 16.10 before 16.10.4, all versions starting from 16.11 before 16.11.1. A crafted wildcard filter in...
2 affected packages
gitlab, gitlab-agent
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gitlab | Not in release | Not in release | Not in release | — | Ignored |
gitlab-agent | Needs evaluation | Not in release | Not in release | — | — |
CVE-2024-2434
Medium priorityAn issue has been discovered in GitLab affecting all versions of GitLab CE/EE 16.9 prior to 16.9.6, 16.10 prior to 16.10.4, and 16.11 prior to 16.11.1 where path traversal could lead to DoS and restricted file read.
2 affected packages
gitlab, gitlab-agent
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gitlab | Not in release | Not in release | Not in release | — | Ignored |
gitlab-agent | Needs evaluation | Not in release | Not in release | — | — |
CVE-2024-1347
Medium priorityAn issue has been discovered in GitLab CE/EE affecting all versions before 16.9.6, all versions starting from 16.10 before 16.10.4, all versions starting from 16.11 before 16.11.1. Under certain conditions, an attacker through a...
2 affected packages
gitlab, gitlab-agent
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gitlab | Not in release | Not in release | Not in release | — | Ignored |
gitlab-agent | Needs evaluation | Not in release | Not in release | — | — |
CVE-2024-3817
Medium priorityHashiCorp’s go-getter library is vulnerable to argument injection when executing Git to discover remote branches. This vulnerability does not affect the go-getter/v2 branch and package.
2 affected packages
golang-github-hashicorp-go-getter, golang-github-jesseduffield-go-getter
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
golang-github-hashicorp-go-getter | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | — |
golang-github-jesseduffield-go-getter | Needs evaluation | Needs evaluation | Needs evaluation | — | — |