Search Results (Refine Search)
- Keyword (text search): cpe:2.3:a:gitlab:runner:12.5.0:rc1:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2022-2251 |
Improper sanitization of branch names in GitLab Runner affecting all versions prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows a user who creates a branch with a specially crafted name and gets another user to trigger a pipeline to execute commands in the runner as that other user. Published: January 17, 2023; 4:15:12 PM -0500 |
V4.0:(not available) V3.1: 8.0 HIGH V2.0:(not available) |
CVE-2020-13295 |
For GitLab Runner before 13.0.12, 13.1.6, 13.2.3, by replacing dockerd with a malicious server, the Shared Runner is susceptible to SSRF. Published: August 10, 2020; 10:15:13 AM -0400 |
V4.0:(not available) V3.1: 8.8 HIGH V2.0: 6.5 MEDIUM |