Search for packages
| purl | pkg:alpm/archlinux/gitlab@14.1.1-1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-dpda-b429-ske5
Aliases: CVE-2021-22237 |
Under specialized conditions, GitLab may allow a user with an impersonation token to perform Git actions even if impersonation is disabled. This vulnerability is present in GitLab CE/EE versions before 13.12.9, 14.0.7, 14.1.2 |
Affected by 0 other vulnerabilities. |
|
VCID-qs8s-5gm5-m3hy
Aliases: CVE-2021-22241 |
An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.0. It was possible to exploit a stored cross-site-scripting via a specifically crafted default branch name. |
Affected by 0 other vulnerabilities. |
|
VCID-tk7s-v2w6-ukhr
Aliases: CVE-2021-22239 |
An unauthorized user was able to insert metadata when creating new issue on GitLab CE/EE 14.0 and later. |
Affected by 0 other vulnerabilities. |
|
VCID-xuub-mcj4-rqhg
Aliases: CVE-2021-22236 |
Due to improper handling of OAuth client IDs, new subscriptions generated OAuth tokens on an incorrect OAuth client application. This vulnerability is present in GitLab CE/EE since version 14.1. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T18:25:25.470784+00:00 | Arch Linux Importer | Affected by | VCID-xuub-mcj4-rqhg | https://security.archlinux.org/AVG-2251 | 38.0.0 |
| 2026-04-01T18:25:25.444714+00:00 | Arch Linux Importer | Affected by | VCID-dpda-b429-ske5 | https://security.archlinux.org/AVG-2251 | 38.0.0 |
| 2026-04-01T18:25:25.420863+00:00 | Arch Linux Importer | Affected by | VCID-tk7s-v2w6-ukhr | https://security.archlinux.org/AVG-2251 | 38.0.0 |
| 2026-04-01T18:25:25.394786+00:00 | Arch Linux Importer | Affected by | VCID-qs8s-5gm5-m3hy | https://security.archlinux.org/AVG-2251 | 38.0.0 |