Search CVE reports
71 – 80 of 1245 results
CVE-2024-2454
Medium priorityAn issue has been discovered in GitLab CE/EE affecting all versions starting from 15.11 prior to 16.9.7, starting from 16.10 prior to 16.10.5, and starting from 16.11 prior to 16.11.2. The pins endpoint is susceptible to DoS...
1 affected packages
gitlab
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| gitlab | Not in release | Not in release | Not in release | — | Ignored |
CVE-2023-6688
Medium priorityAn issue has been discovered in GitLab CE/EE affecting all versions starting from 16.11 prior to 16.11.2. A problem with the processing logic for Google Chat Messages integration may lead to a regular expression DoS attack on the server.
1 affected packages
gitlab
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| gitlab | Not in release | Not in release | Not in release | — | Ignored |
CVE-2023-6682
Medium priorityAn issue has been discovered in GitLab CE/EE affecting all versions starting from 16.9 prior to 16.9.7, starting from 16.10 prior to 16.10.5, and starting from 16.11 prior to 16.11.2. A problem with the processing logic for...
1 affected packages
gitlab
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| gitlab | Not in release | Not in release | Not in release | — | Ignored |
CVE-2024-3661
Medium priorityDHCP can add routes to a client’s routing table via the classless static route option (121). VPN-based security solutions that rely on routes to redirect traffic can be forced to leak traffic over the physical interface. An...
29 affected packages
connman, gadmin-openvpn-client, gadmin-openvpn-server, golang-github-apparentlymart-go-openvpn-mgmt, kvpnc...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| connman | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
| gadmin-openvpn-client | Not in release | Not in release | Vulnerable | Vulnerable | Vulnerable |
| gadmin-openvpn-server | Not in release | Not in release | Vulnerable | Vulnerable | Vulnerable |
| golang-github-apparentlymart-go-openvpn-mgmt | Vulnerable | Vulnerable | Vulnerable | — | — |
| kvpnc | Not in release | Not in release | Not in release | Vulnerable | Vulnerable |
| libreswan | Vulnerable | Vulnerable | Vulnerable | Vulnerable | — |
| mozillavpn | Not in release | Vulnerable | Not in release | — | — |
| n2n | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
| network-manager-fortisslvpn | Vulnerable | Vulnerable | Vulnerable | Vulnerable | — |
| network-manager-iodine | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
| network-manager-l2tp | Vulnerable | Vulnerable | Vulnerable | Vulnerable | — |
| network-manager-openconnect | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
| network-manager-openvpn | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
| network-manager-pptp | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
| network-manager-sstp | Vulnerable | Vulnerable | Not in release | — | — |
| network-manager-strongswan | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
| network-manager-vpnc | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
| openconnect | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
| openfortivpn | Vulnerable | Vulnerable | Vulnerable | Vulnerable | — |
| openvpn | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
| pptp-linux | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
| pptpd | Not in release | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
| quicktun | Vulnerable | Vulnerable | Vulnerable | Vulnerable | — |
| riseup-vpn | Vulnerable | Not in release | Not in release | — | — |
| softether-vpn | Vulnerable | Vulnerable | Not in release | — | — |
| sshuttle | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
| tinc | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
| vpnc | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
| wireguard | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
CVE-2024-4024
Medium priorityAn issue has been discovered in GitLab CE/EE affecting all versions starting from 7.8 before 16.9.6, all versions starting from 16.10 before 16.10.4, all versions starting from 16.11 before 16.11.1. Under certain conditions, an...
2 affected packages
gitlab, gitlab-agent
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| gitlab | Not in release | Not in release | Not in release | — | Ignored |
| gitlab-agent | Needs evaluation | Not in release | Not in release | — | — |
CVE-2024-4006
Medium priorityAn issue has been discovered in GitLab CE/EE affecting all versions starting from 16.7 before 16.9.6, all versions starting from 16.10 before 16.10.4, all versions starting from 16.11 before 16.11.1 where personal access scopes...
2 affected packages
gitlab, gitlab-agent
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| gitlab | Not in release | Not in release | Not in release | — | Ignored |
| gitlab-agent | Needs evaluation | Not in release | Not in release | — | — |
CVE-2024-2829
Medium priorityAn issue has been discovered in GitLab CE/EE affecting all versions starting from 12.5 before 16.9.6, all versions starting from 16.10 before 16.10.4, all versions starting from 16.11 before 16.11.1. A crafted wildcard filter in...
2 affected packages
gitlab, gitlab-agent
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| gitlab | Not in release | Not in release | Not in release | — | Ignored |
| gitlab-agent | Needs evaluation | Not in release | Not in release | — | — |
CVE-2024-2434
Medium priorityAn issue has been discovered in GitLab affecting all versions of GitLab CE/EE 16.9 prior to 16.9.6, 16.10 prior to 16.10.4, and 16.11 prior to 16.11.1 where path traversal could lead to DoS and restricted file read.
2 affected packages
gitlab, gitlab-agent
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| gitlab | Not in release | Not in release | Not in release | — | Ignored |
| gitlab-agent | Needs evaluation | Not in release | Not in release | — | — |
CVE-2024-1347
Medium priorityAn issue has been discovered in GitLab CE/EE affecting all versions before 16.9.6, all versions starting from 16.10 before 16.10.4, all versions starting from 16.11 before 16.11.1. Under certain conditions, an attacker through a...
2 affected packages
gitlab, gitlab-agent
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| gitlab | Not in release | Not in release | Not in release | — | Ignored |
| gitlab-agent | Needs evaluation | Not in release | Not in release | — | — |
CVE-2024-3817
Medium priorityHashiCorp’s go-getter library is vulnerable to argument injection when executing Git to discover remote branches. This vulnerability does not affect the go-getter/v2 branch and package.
2 affected packages
golang-github-hashicorp-go-getter, golang-github-jesseduffield-go-getter
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| golang-github-hashicorp-go-getter | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | — |
| golang-github-jesseduffield-go-getter | Needs evaluation | Needs evaluation | Needs evaluation | — | — |