Gitlab

Reports in last 90 days
Disclosed resolved issues: 94
Disclosed informative issues: 2
Disclosed N/A issues: 1

Listed on HackerOne — Updated on 2019/10/15

| Severity | Bug Title | Bug Type | Found By | Time to triage | Time to close | Report Status |
|---|---|---|---|---|---|---|
| Low | Last pipeline status for MR leaked | Improper Authentication - Generic | xanbanx | 4 days, 11 hours | 101 days, 15 hours | Resolved |
| Low | Privilege escalation due to insecure use of logrotate | Privilege Escalation | petee | 19 days, 1 hour | 90 days, 3 hours | Resolved |
| Medium | Bypassing push rules via MRs created by email | Improper Access Control - Generic | xanbanx | 20 days, 4 hours | 132 days, 2 hours | Resolved |
| Low | Client-side resource exhaustion by exploiting GitLab math rendering | Denial of Service | abdilahrf_ | 7 days, 10 hours | 122 days, 13 hours | Resolved |
| Low | Add and access labels of any private projects/groups of GitLab (IDOR) | Insecure Direct Object Reference (IDOR) | vijay_kumar1110 | 0 days, 18 hours | 146 days, 16 hours | Resolved |
| High | Information disclosure of secret_key_base via encoding characters | Information Exposure Through an Error Message | paresh_parmar | 0 days, 3 hours | 7 days, 17 hours | Resolved |
| Critical | Full access to internal GitLab instances at redash.gitlab.com, dashboards.gitlab.com, prometheus.gitlab.com | Incorrect Authorization | rijalrojan | 0 days, 18 hours | 12 days, 22 hours | Resolved |
| High | Stored XSS in Wiki pages | Cross-site Scripting (XSS) - Stored | ryhmnlfj | 1 day, 13 hours | 146 days, 20 hours | Resolved |
| Low | Access projects and create projects in GitLab pre-production server | Improper Access Control - Generic | uzsunny | 6 days, 18 hours | 0 days, 21 hours | Resolved |
| Medium | GitLab's GitHub integration is vulnerable to SSRF | Server-Side Request Forgery (SSRF) | jobert | 11 days, 9 hours | 260 days, 4 hours | Resolved |
| Low | Persistent XSS via e-mail when creating merge requests | Cross-site Scripting (XSS) - Generic | mario-areias | 16 days, 14 hours | 179 days, 0 hours | Resolved |
| Low | Last build status and coverage leaked to unauthorized users | Information Disclosure | xanbanx | Not triaged | 233 days, 2 hours | Resolved |
| Medium | Bypass email verification -- able to access internal GitLab services that use Login with GitLab and perform a check on email domain | Reliance on Untrusted Inputs in a Security Decision | ngalog | 13 days, 6 hours | 91 days, 10 hours | Resolved |
| Low | All functions that allow users to specify a color code are vulnerable to ReDoS | Denial of Service | 8ayac | 15 days, 14 hours | 107 days, 1 hour | Resolved |
| Critical | Local files could be overwritten in GitLab, leading to remote command execution | Command Injection - Generic | nyangawa | 0 days, 1 hour | 11 days, 22 hours | Resolved |
| High | Attacker is able to access commit title and team member comments which are supposed to be private | Improper Access Control - Generic | yashrs | 1 day, 19 hours | 66 days, 13 hours | Resolved |
| Low | Milestones leaked via search API | Improper Access Control - Generic | xanbanx | 5 days, 18 hours | 168 days, 3 hours | Resolved |
| High | Persistent XSS in Note objects | Cross-site Scripting (XSS) - Stored | nyangawa | 0 days, 10 hours | 83 days, 0 hours | Resolved |
| None | Guests will disclose the private project's full activity via project activity feeds | Information Disclosure | urztruzchitrz | Not triaged | 2 days, 22 hours | Not applicable |
| Medium | [Markdown] Stored XSS via character encoding parser bypass | Cross-site Scripting (XSS) - Stored | ysx | 0 days, 1 hour | 25 days, 2 hours | Resolved |
| Critical | Access to GitLab's Slack by abusing issue creation from e-mail | Improper Authentication - Generic | intidc | 63 days, 14 hours | 104 days, 7 hours | Resolved |
| Critical | Read files on application server, leads to RCE | Information Disclosure | jobert | 0 days, 14 hours | 6 days, 23 hours | Resolved |
| Medium | Unauthorized users may be able to view almost all information related to private projects | Information Disclosure | 8ayac | 2 days, 18 hours | 47 days, 3 hours | Resolved |
| None | Inadequate cache control in Gitter allows viewing a private chat room | Improper Authentication - Generic | dhakalananda | Not triaged | 7 days, 6 hours | Duplicate |
| Medium | Removing a user from a private group doesn't remove them from the group's project if their project role was changed | Improper Access Control - Generic | rpadovani | 11 days, 5 hours | 396 days, 0 hours | Resolved |