Skip to main content

Gitlab Oauth

2 CVEs product

Monthly

CVE-2019-10372 Maven MEDIUM PATCH This Month

An open redirect vulnerability in Jenkins Gitlab Authentication Plugin 1.4 and earlier in GitLabSecurityRealm.java allows attackers to redirect users to a URL outside Jenkins after successful login. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Java Jenkins Open Redirect Gitlab Gitlab Oauth
NVD
CVSS 3.1
6.1
EPSS
1.0%
CVE-2019-10371 Maven HIGH PATCH This Week

A session fixation vulnerability in Jenkins Gitlab Authentication Plugin 1.4 and earlier in GitLabSecurityRealm.java allows unauthorized attackers to impersonate another user if they can control the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Java Gitlab Jenkins Authentication Bypass Session Fixation +1
NVD
CVSS 3.1
7.5
EPSS
1.3%
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

An open redirect vulnerability in Jenkins Gitlab Authentication Plugin 1.4 and earlier in GitLabSecurityRealm.java allows attackers to redirect users to a URL outside Jenkins after successful login. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Java Jenkins Open Redirect +2
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

A session fixation vulnerability in Jenkins Gitlab Authentication Plugin 1.4 and earlier in GitLabSecurityRealm.java allows unauthorized attackers to impersonate another user if they can control the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Java Gitlab Jenkins +3
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy