漏洞描述
GitLab是一个利用 Ruby on Rails 开发的开源应用程序,实现一个自托管的Git项目仓库,可通过Web界面进行访问公开的或者私人项目。 GitLab 存在未授权漏洞,攻击者可以利用此漏洞访问项目,通过查看和了解项目源代码对相应系统发起进一步的攻击。
Gitlab 未授权访问漏洞
PoC代码
暂无相关漏洞推荐
- gitlab-api-user-enum: GitLab - User Information Disclosure Via Open API
- POC CVE-2024-45409: GitLab - SAML Authentication Bypass
- POC CVE-2025-25291: GitLab - SAML Authentication Bypass
- POC CVE-2019-6793: GitLab Enterprise Edition - Server-Side Request Forgery
- POC CVE-2020-2096: Jenkins Gitlab Hook <=1.4.2 - Cross-Site Scripting
- POC CVE-2020-26413: Gitlab CE/EE 13.4 - 13.6.2 - Information Disclosure
- POC CVE-2021-22205: GitLab CE/EE - Remote Code Execution
- POC CVE-2021-22214: Gitlab CE/EE 10.5 - Server-Side Request Forgery
- POC CVE-2021-4191: GitLab GraphQL API User Enumeration
- POC CVE-2022-0735: GitLab CE/EE - Information Disclosure
- POC CVE-2022-1162: GitLab CE/EE - Hard-Coded Credentials
- POC CVE-2022-2185: GitLab CE/EE - Remote Code Execution
- POC CVE-2023-2825: GitLab 16.0.0 - Path Traversal