Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-03-24 | CVE-2021-22186 | Incorrect Authorization vulnerability in Gitlab: An authorization issue in GitLab CE/EE version 9.4 and up allowed a group maintainer to modify group CI/CD variables which should be restricted to group owners. | 4.0 |
2021-03-24 | CVE-2021-22185 | Cross-site Scripting vulnerability in Gitlab: Insufficient input sanitization in wikis in GitLab version 13.8 and up allows an attacker to exploit a stored cross-site scripting vulnerability via a specially-crafted commit to a wiki. | 3.5 |
2021-03-24 | CVE-2021-22179 | Server-Side Request Forgery (SSRF) vulnerability in Gitlab: A vulnerability was discovered in GitLab versions before 12.2. | 5.5 |
2021-03-24 | CVE-2021-22178 | Server-Side Request Forgery (SSRF) vulnerability in Gitlab: An issue has been discovered in GitLab affecting all versions starting from 13.2. | 4.0 |
2021-03-24 | CVE-2021-22176 | Incorrect Authorization vulnerability in Gitlab: An issue has been discovered in GitLab affecting all versions starting with 3.0.1. | 4.0 |
2021-03-24 | CVE-2020-7839 | Improper Input Validation vulnerability in Markany Maepsbroker: In MaEPSBroker 2.5.0.31 and prior, a command injection vulnerability is caused by improper input validation checks when parsing the brokerCommand parameter. | 7.5 |
2021-03-24 | CVE-2020-15809 | Path Traversal vulnerability in Spinetix products: spxmanage on certain SpinetiX devices allows requests that access unintended resources because of SSRF and Path Traversal. | 4.0 |
2021-03-24 | CVE-2019-19354 | Incorrect Privilege Assignment vulnerability in Redhat Openshift Container Platform 4.4: An insecure modification vulnerability in the /etc/passwd file was found in the operator-framework/hadoop as shipped in Red Hat Openshift 4. | 7.8 |
2021-03-24 | CVE-2019-19353 | Incorrect Privilege Assignment vulnerability in Redhat Openshift Container Platform 4.0: An insecure modification vulnerability in the /etc/passwd file was found in the operator-framework/hive as shipped in Red Hat Openshift 4. | 6.9 |
2021-03-24 | CVE-2019-19352 | Incorrect Privilege Assignment vulnerability in Redhat Openshift Container Platform 4.0: An insecure modification vulnerability in the /etc/passwd file was found in the operator-framework/presto as shipped in Red Hat Openshift 4. | 7.0 |