gitlab

Description: Project management and code hosting application
Version: 13.10.4-1 [community-testing]
         13.10.3-2 [community]

Open

Group | Affected | Fixed | Severity | Status | Ticket
AVG-1904 | 13.10.4-1 | | Medium | Vulnerable |
AVG-1888 | 13.10.3-2 | 13.10.4-1 | High | Testing |

Issue | Group | Severity | Remote | Type
CVE-2021-31799 | AVG-1904 | Medium | Yes | Arbitrary command execution
RDoc before version 6.3.1 used to call Kernel#open to open a local file. If a Ruby project has a file whose name starts with "|" and ends with "tags", the...
CVE-2021-22904 | AVG-1904 | Low | Yes | Denial of service
There is a possible denial of service (DoS) vulnerability in the Token Authentication logic in Action Controller before versions 6.1.3.2, 6.0.3.7, 5.2.4.6...
CVE-2021-22902 | AVG-1904 | Low | Yes | Denial of service
There is a possible Denial of Service vulnerability in Action Dispatch before version 6 before 6.0.3.7 and 6.1.0.2. Carefully crafted Accept headers can...
CVE-2021-22885 | AVG-1904 | Medium | Yes | Information disclosure
There is a possible information disclosure/unintended method execution vulnerability in Action Pack before versions 6.1.3.2, 6.0.3.7, 5.2.4.6 and 5.2.6 when...
CVE-2021-22211 | AVG-1888 | Low | Yes | Access restriction bypass
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.7. GitLab Dependency Proxy, under certain circumstances, can...
CVE-2021-22210 | AVG-1888 | Medium | Yes | Denial of service
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.2. When querying the repository branches through API, GitLab was...
CVE-2021-22209 | AVG-1888 | High | Yes | Insufficient validation
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.8. GitLab was not properly validating authorisation tokens which...
CVE-2021-22208 | AVG-1888 | Medium | Yes | Access restriction bypass
An issue has been discovered in GitLab affecting versions prior to 13.5. Improper permission check could allow the change of timestamp for issue creation or...
CVE-2021-22206 | AVG-1888 | Medium | Yes | Information disclosure
An issue has been discovered in GitLab affecting all versions prior to 11.6. Pull mirror credentials were exposed and could allow other maintainers to view...

Resolved

Group | Affected | Fixed | Severity | Status | Ticket
AVG-1919 | 13.10.4-1 | | Medium | Not affected |
AVG-1822 | 13.10.2-1 | 13.10.3-1 | Critical | Fixed |
AVG-1770 | 13.9.4-1 | 13.10.1-1 | Critical | Fixed |
AVG-1710 | 13.9.3-1 | 13.9.4-1 | Critical | Fixed |
AVG-1648 | 13.9.1-1 | 13.9.2-1 | Medium | Fixed |
AVG-1522 | 13.8.1-1 | | Medium | Not affected |
AVG-1521 | 13.8.1-1 | 13.8.2-1 | Medium | Fixed |
AVG-1416 | 13.7.1-1 | 13.7.2-1 | High | Fixed |
AVG-1347 | 13.6.1-1 | 13.6.2-1 | Medium | Not affected |
AVG-1333 | 13.6.1-1 | 13.6.2-1 | Medium | Fixed |
AVG-802 | 11.4.0-1 | 11.4.3-2 | High | Not affected |
AVG-794 | 11.4.0-1 | 11.4.3-1 | Critical | Fixed |
AVG-726 | 11.0.0-1 | 11.0.1-1 | Medium | Fixed |

Issue | Group | Severity | Remote | Type
CVE-2021-28965 | AVG-1822 | Critical | Yes | Incorrect calculation
When parsing and serializing a crafted XML document, the REXML gem (including the one bundled with Ruby) can create a wrong XML document whose structure is...
CVE-2021-22903 | AVG-1919 | Medium | Yes | Open redirect
There is a possible Open Redirect Vulnerability in Action Pack 6.1 before version 6.1.3.2. Specially crafted Host headers in combination with certain...
CVE-2021-22205 | AVG-1822 | Critical | Yes | Arbitrary code execution
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validating image files that are passed to a...
CVE-2021-22203 | AVG-1770 | High | Yes | Arbitrary filesystem access
An issue has been discovered in GitLab CE/EE affecting all versions starting with 13.7.9. A specially crafted Wiki page allowed attackers to read arbitrary...
CVE-2021-22202 | AVG-1770 | Low | Yes | Cross-site request forgery
An issue has been discovered in GitLab CE/EE affecting all previous versions. If the victim is an admin, it was possible to issue a cross-site request...
CVE-2021-22201 | AVG-1770 | Critical | Yes | Directory traversal
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.9. A specially crafted import file could read files on the server. The...
CVE-2021-22200 | AVG-1770 | Medium | Yes | Information disclosure
An issue has been discovered in GitLab CE/EE affecting all versions starting with 12.6. Under a special condition it was possible to access data of an...
CVE-2021-22199 | AVG-1770 | Low | Yes | Cross-site scripting
An issue has been discovered in GitLab affecting all versions starting with 12.9. GitLab was vulnerable to a stored cross-site scripting (XSS) attack if...
CVE-2021-22198 | AVG-1770 | Medium | Yes | Access restriction bypass
An issue has been discovered in GitLab CE/EE affecting all versions from 13.8 and above allowing an authenticated user to delete incident metric images of...
CVE-2021-22197 | AVG-1770 | Low | Yes | Denial of service
An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.6 where an infinite loop exists when an authenticated user with specific...
CVE-2021-22196 | AVG-1770 | Medium | Yes | Cross-site scripting
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.4. It was possible to exploit a stored cross-site scripting in merge...
CVE-2021-22192 | AVG-1710 | Critical | Yes | Arbitrary code execution
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.2 allowing unauthorized authenticated users to execute arbitrary code...
CVE-2021-22186 | AVG-1648 | Medium | Yes | Access restriction bypass
An authorization issue in GitLab CE/EE version 9.4 and up allowed a group maintainer to modify group CI/CD variables which should be restricted to group...
CVE-2021-22185 | AVG-1648 | Medium | Yes | Cross-site scripting
Insufficient input sanitization in wikis in GitLab version 13.8 and up allows an attacker to exploit a stored cross-site scripting vulnerability via a...
CVE-2021-22172 | AVG-1521 | Medium | Yes | Information disclosure
Improper authorization in GitLab 12.8+ allows a guest user in a private project to view tag data that should be inaccessible on the releases page. The issue...
CVE-2021-22171 | AVG-1416 | High | Yes | Authentication bypass
Insufficient validation of authentication parameters in GitLab Pages for GitLab 11.5+ would allow stealing a user's API access token. The issue is mitigated...
CVE-2021-22169 | AVG-1522 | Medium | Yes | Information disclosure
An issue was identified in GitLab EE 13.4 or later which could disclose internal IP address via error messages. It is fixed in versions 13.8.2, 13.7.6 and 13.6.6.
CVE-2021-22168 | AVG-1416 | Medium | Yes | Denial of service
A regular expression denial of service issue has been discovered in the NuGet API affecting all versions of GitLab starting from version 12.8. The issue is...
CVE-2021-22167 | AVG-1416 | Medium | Yes | Information disclosure
An issue has been discovered in GitLab affecting all versions starting from 12.1. Incorrect headers within a specific project page allow attackers to have...
CVE-2021-22166 | AVG-1416 | Medium | Yes | Denial of service
An attacker could cause a Prometheus denial of service in GitLab 13.7+ by sending an HTTP request with a malformed method. The issue is mitigated in GitLab...
CVE-2020-26417 | AVG-1333 | Medium | Yes | Information disclosure
Information disclosure via GraphQL in GitLab CE/EE 13.1 and later exposes private group and project membership. This affects versions >=13.6 to <13.6.2,...
CVE-2020-26416 | AVG-1347 | Medium | Yes | Information disclosure
Information disclosure in Advanced Search component of GitLab EE starting from 8.4 results in exposure of search terms via Rails logs. This affects versions...
CVE-2020-26415 | AVG-1333 | Medium | Yes | Information disclosure
An issue has been discovered in GitLab affecting all versions starting from 12.2 before 13.6.2, all versions starting from 12.2 before 13.5.5, all versions...
CVE-2020-26414 | AVG-1416 | Medium | Yes | Denial of service
An issue has been discovered in GitLab affecting all versions starting from 12.4. The regex used for package names is written in a way that makes execution...
CVE-2020-26413 | AVG-1333 | Medium | Yes | Information disclosure
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.4 before 13.6.2. Information disclosure via GraphQL starting in GitLab...
CVE-2020-26412 | AVG-1347 | Low | Yes | Information disclosure
Removed group members were able to use the To-Do functionality to retrieve updated information on confidential epics starting in GitLab EE 13.2 before 13.6.2.
CVE-2020-26411 | AVG-1333 | Medium | Yes | Denial of service
A potential denial of service vulnerability was discovered in all versions of Gitlab starting from 13.4.x (>=13.4 to <13.4.7, >=13.5 to <13.5.5, and >=13.6...
CVE-2020-26409 | AVG-1333 | Medium | Yes | Denial of service
A denial of service vulnerability exists in Gitlab CE/EE >=10.3, <13.4.7, >=13.5, <13.5.5, >=13.6, <13.6.2 that allows an attacker to trigger uncontrolled...
CVE-2020-26408 | AVG-1333 | Medium | Yes | Information disclosure
A limited information disclosure vulnerability exists in Gitlab CE/EE from >=12.2 to <13.4.7, >=13.5 to <13.5.5, and >=13.6 to <13.6.2 that allows an...
CVE-2020-26407 | AVG-1333 | Medium | Yes | Cross-site scripting
A cross-site scripting vulnerability exists in Gitlab CE/EE from 12.4 before 13.4.7, 13.5 before 13.5.5, and 13.6 before 13.6.2 that allows an attacker to...
CVE-2020-13357 | AVG-1333 | Medium | Yes | Access restriction bypass
An issue was discovered in Gitlab CE/EE versions >=13.1 to <13.4.7, >=13.5 to <13.5.5, and >=13.6 to <13.6.2 that allowed an unauthorized user to access the...
CVE-2018-18843 | AVG-802 | High | Yes | Cross-site request forgery
The GitLab Kubernetes integration was vulnerable to a SSRF issue which could allow an attacker to make requests to access any internal URLs.
CVE-2018-18649 | AVG-794 | Critical | Yes | Arbitrary code execution
A security issue has been found in gitlab versions prior to 11.4.3, where the wiki API contained an input validation issue which resulted in remote code execution.
CVE-2018-18648 | AVG-794 | Low | Yes | Information disclosure
A security issue has been found in gitlab versions prior to 11.4.3, where a JSON endpoint was disclosing Gem version information which could result in an...
CVE-2018-18647 | AVG-802 | Medium | Yes | Access restriction bypass
A security issue has been found in gitlab versions prior to 11.4.3, where the protected_branches API was vulnerable to an issue which allowed an...
CVE-2018-18646 | AVG-794 | Medium | Yes | Cross-site request forgery
A security issue has been found in gitlab versions prior to 11.4.3, where the Hipchat integration was vulnerable to a SSRF issue which allowed an attacker...
CVE-2018-18645 | AVG-794 | Low | Yes | Information disclosure
A security issue has been found in gitlab versions prior to 11.4.3, where when replying to an issue through email, with the GitLab email footer included, a...
CVE-2018-18644 | AVG-802 | Medium | Yes | Information disclosure
A security issue has been found in gitlab versions prior to 11.4.3, where the Prometheus integration was vulnerable to an indirect object reference issue...
CVE-2018-18643 | AVG-794 | Medium | Yes | Cross-site scripting
A security issue has been found in gitlab versions prior to 11.4.3, where the fragment identifier (hash) of several pages contained a lack of input...
CVE-2018-18642 | AVG-802 | Medium | Yes | Cross-site scripting
A security issue has been found in gitlab versions prior to 11.4.3, where the license management and security reports pages contained a lack of input...
CVE-2018-18641 | AVG-794 | Low | Yes | Information disclosure
A security issue has been found in gitlab versions prior to 11.4.3, where personal access tokens were being stored unencrypted as plain text in the database...
CVE-2018-18640 | AVG-794 | Medium | No | Information disclosure
A security issue has been found in gitlab versions prior to 11.4.3, where private project pages had inadequate cache control, which resulted in unauthorized...
CVE-2018-12607 | AVG-726 | Medium | Yes | Cross-site scripting
The charts feature contained a persistent XSS issue due to a lack of output encoding.
CVE-2018-12606 | AVG-726 | Medium | Yes | Cross-site scripting
The wiki contains a persistent XSS issue due to a lack of output encoding affecting a specific markdown feature.
CVE-2018-3740 | AVG-726 | Medium | Yes | Insufficient validation
A specially crafted HTML fragment can cause the Sanitize gem for Ruby to allow non-whitelisted attributes to be used on a whitelisted HTML element.

Advisories

Date | Advisory | Group | Severity | Type
29 Apr 2021 | ASA-202104-1 | AVG-1822 | Critical | multiple issues
25 Mar 2021 | ASA-202103-13 | AVG-1710 | Critical | arbitrary code execution
06 Feb 2021 | ASA-202102-11 | AVG-1521 | Medium | information disclosure
12 Jan 2021 | ASA-202101-10 | AVG-1416 | High | multiple issues
31 Oct 2018 | ASA-201810-16 | AVG-794 | Critical | multiple issues
04 Jul 2018 | ASA-201807-1 | AVG-726 | Medium | multiple issues