Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gitlab gitlab vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-4006
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.7 prior to 16.9.6, all versions starting from 16.10 prior to 16.10.4, all versions starting from 16.11 prior to 16.11.1 where personal access scopes were not honored by GraphQL subscriptions
NA
CVE-2024-4024
An issue has been discovered in GitLab CE/EE affecting all versions starting from 7.8 prior to 16.9.6, all versions starting from 16.10 prior to 16.10.4, all versions starting from 16.11 prior to 16.11.1. Under certain conditions, an attacker with their Bitbucket account credenti...
NA
CVE-2024-2434
An issue has been discovered in GitLab affecting all versions of GitLab CE/EE 16.9 before 16.9.6, 16.10 before 16.10.4, and 16.11 before 16.11.1 where path traversal could lead to DoS and restricted file read.
NA
CVE-2024-2829
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.5 prior to 16.9.6, all versions starting from 16.10 prior to 16.10.4, all versions starting from 16.11 prior to 16.11.1. A crafted wildcard filter in FileFinder may lead to a denial of service.
NA
CVE-2024-1347
An issue has been discovered in GitLab CE/EE affecting all versions prior to 16.9.6, all versions starting from 16.10 prior to 16.10.4, all versions starting from 16.11 prior to 16.11.1. Under certain conditions, an attacker through a crafted email address may be able to bypass d...
NA
CVE-2024-3092
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.9 prior to 16.9.4, all versions starting from 16.10 prior to 16.10.2. A payload may lead to a Stored XSS while using the diff viewer, allowing malicious users to perform arbitrary actions on beha...
NA
CVE-2023-6489
A denial of service vulnerability was identified in GitLab CE/EE, versions 16.7.7 before 16.8.6, 16.9 before 16.9.4 and 16.10 before 16.10.2 which allows an malicious user to spike the GitLab instance resources usage resulting in service degradation via chat integration feature.
NA
CVE-2023-6678
An issue has been discovered in GitLab EE affecting all versions prior to 16.8.6, all versions starting from 16.9 prior to 16.9.4, all versions starting from 16.10 prior to 16.10.2. It was possible for an malicious user to cause a denial of service using malicious crafted content...
NA
CVE-2024-2279
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.7 to 16.8.6 all versions starting from 16.9 prior to 16.9.4, all versions starting from 16.10 prior to 16.10.2. Using the autocomplete for issues references feature a crafted payload may lead to ...
NA
CVE-2023-6371
An issue has been discovered in GitLab CE/EE affecting all versions prior to 16.8.5, all versions starting from 16.9 prior to 16.9.3, all versions starting from 16.10 prior to 16.10.1. A wiki page with a crafted payload may lead to a Stored XSS, allowing malicious users to perfor...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
CVE-2006-4304
CVE-2023-26603
CVE-2024-28327
CVE-2023-50363
CVE-2024-21905
template injection
CVE-2024-3400
cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »