Количество 5 336
Количество 5 336
CVE-2021-39874
In all versions of GitLab CE/EE since version 11.0, the requirement to enforce 2FA is not honored when using git commands.
CVE-2021-39874
In all versions of GitLab CE/EE since version 11.0, the requirement to enforce 2FA is not honored when using git commands.
CVE-2021-39874
In all versions of GitLab CE/EE since version 11.0, the requirement to ...
CVE-2021-39873
In all versions of GitLab CE/EE, there exists a content spoofing vulnerability which may be leveraged by attackers to trick users into visiting a malicious website by spoofing the content in an error response.
CVE-2021-39873
In all versions of GitLab CE/EE, there exists a content spoofing vulnerability which may be leveraged by attackers to trick users into visiting a malicious website by spoofing the content in an error response.
CVE-2021-39873
In all versions of GitLab CE/EE, there exists a content spoofing vulne ...
CVE-2021-39872
In all versions of GitLab CE/EE since version 14.1, an improper access control vulnerability allows users with expired password to still access GitLab through git and API through access tokens acquired before password expiration.
CVE-2021-39872
In all versions of GitLab CE/EE since version 14.1, an improper access control vulnerability allows users with expired password to still access GitLab through git and API through access tokens acquired before password expiration.
CVE-2021-39872
In all versions of GitLab CE/EE since version 14.1, an improper access ...
CVE-2021-39871
In all versions of GitLab CE/EE since version 13.0, an instance that has the setting to disable Bitbucket Server import enabled is bypassed by an attacker making a crafted API call.
CVE-2021-39871
In all versions of GitLab CE/EE since version 13.0, an instance that has the setting to disable Bitbucket Server import enabled is bypassed by an attacker making a crafted API call.
CVE-2021-39871
In all versions of GitLab CE/EE since version 13.0, an instance that h ...
CVE-2021-39870
In all versions of GitLab CE/EE since version 11.11, an instance that has the setting to disable Repo by URL import enabled is bypassed by an attacker making a crafted API call.
CVE-2021-39870
In all versions of GitLab CE/EE since version 11.11, an instance that has the setting to disable Repo by URL import enabled is bypassed by an attacker making a crafted API call.
CVE-2021-39870
In all versions of GitLab CE/EE since version 11.11, an instance that ...
CVE-2021-39869
In all versions of GitLab CE/EE since version 8.9, project exports may expose trigger tokens configured on that project.
CVE-2021-39869
In all versions of GitLab CE/EE since version 8.9, project exports may expose trigger tokens configured on that project.
CVE-2021-39869
In all versions of GitLab CE/EE since version 8.9, project exports may ...
CVE-2021-39868
In all versions of GitLab CE/EE since version 8.12, an authenticated low-privileged malicious user may create a project with unlimited repository size by modifying values in a project export.
CVE-2021-39868
In all versions of GitLab CE/EE since version 8.12, an authenticated low-privileged malicious user may create a project with unlimited repository size by modifying values in a project export.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2021-39874 In all versions of GitLab CE/EE since version 11.0, the requirement to enforce 2FA is not honored when using git commands. | CVSS3: 4.3 | 0% Низкий | больше 4 лет назад |
 | CVE-2021-39874 In all versions of GitLab CE/EE since version 11.0, the requirement to enforce 2FA is not honored when using git commands. | CVSS3: 4.3 | 0% Низкий | больше 4 лет назад |
| CVE-2021-39874 In all versions of GitLab CE/EE since version 11.0, the requirement to ... | CVSS3: 4.3 | 0% Низкий | больше 4 лет назад |
| CVE-2021-39873 In all versions of GitLab CE/EE, there exists a content spoofing vulnerability which may be leveraged by attackers to trick users into visiting a malicious website by spoofing the content in an error response. | CVSS3: 4.3 | 0% Низкий | больше 4 лет назад |
| CVE-2021-39873 In all versions of GitLab CE/EE, there exists a content spoofing vulnerability which may be leveraged by attackers to trick users into visiting a malicious website by spoofing the content in an error response. | CVSS3: 4.3 | 0% Низкий | больше 4 лет назад |
| CVE-2021-39873 In all versions of GitLab CE/EE, there exists a content spoofing vulne ... | CVSS3: 4.3 | 0% Низкий | больше 4 лет назад |
| CVE-2021-39872 In all versions of GitLab CE/EE since version 14.1, an improper access control vulnerability allows users with expired password to still access GitLab through git and API through access tokens acquired before password expiration. | CVSS3: 6.5 | 0% Низкий | больше 4 лет назад |
| CVE-2021-39872 In all versions of GitLab CE/EE since version 14.1, an improper access control vulnerability allows users with expired password to still access GitLab through git and API through access tokens acquired before password expiration. | CVSS3: 6.5 | 0% Низкий | больше 4 лет назад |
| CVE-2021-39872 In all versions of GitLab CE/EE since version 14.1, an improper access ... | CVSS3: 6.5 | 0% Низкий | больше 4 лет назад |
| CVE-2021-39871 In all versions of GitLab CE/EE since version 13.0, an instance that has the setting to disable Bitbucket Server import enabled is bypassed by an attacker making a crafted API call. | CVSS3: 4.3 | 0% Низкий | больше 4 лет назад |
| CVE-2021-39871 In all versions of GitLab CE/EE since version 13.0, an instance that has the setting to disable Bitbucket Server import enabled is bypassed by an attacker making a crafted API call. | CVSS3: 4.3 | 0% Низкий | больше 4 лет назад |
| CVE-2021-39871 In all versions of GitLab CE/EE since version 13.0, an instance that h ... | CVSS3: 4.3 | 0% Низкий | больше 4 лет назад |
| CVE-2021-39870 In all versions of GitLab CE/EE since version 11.11, an instance that has the setting to disable Repo by URL import enabled is bypassed by an attacker making a crafted API call. | CVSS3: 4.3 | 0% Низкий | больше 4 лет назад |
| CVE-2021-39870 In all versions of GitLab CE/EE since version 11.11, an instance that has the setting to disable Repo by URL import enabled is bypassed by an attacker making a crafted API call. | CVSS3: 4.3 | 0% Низкий | больше 4 лет назад |
| CVE-2021-39870 In all versions of GitLab CE/EE since version 11.11, an instance that ... | CVSS3: 4.3 | 0% Низкий | больше 4 лет назад |
| CVE-2021-39869 In all versions of GitLab CE/EE since version 8.9, project exports may expose trigger tokens configured on that project. | CVSS3: 6.5 | 0% Низкий | больше 4 лет назад |
| CVE-2021-39869 In all versions of GitLab CE/EE since version 8.9, project exports may expose trigger tokens configured on that project. | CVSS3: 6.5 | 0% Низкий | больше 4 лет назад |
| CVE-2021-39869 In all versions of GitLab CE/EE since version 8.9, project exports may ... | CVSS3: 6.5 | 0% Низкий | больше 4 лет назад |
| CVE-2021-39868 In all versions of GitLab CE/EE since version 8.12, an authenticated low-privileged malicious user may create a project with unlimited repository size by modifying values in a project export. | CVSS3: 4.3 | 0% Низкий | больше 4 лет назад |
| CVE-2021-39868 In all versions of GitLab CE/EE since version 8.12, an authenticated low-privileged malicious user may create a project with unlimited repository size by modifying values in a project export. | CVSS3: 4.3 | 0% Низкий | больше 4 лет назад |
Уязвимостей на страницу