Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gitlab vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-2279
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.7 to 16.8.6 all versions starting from 16.9 prior to 16.9.4, all versions starting from 16.10 prior to 16.10.2. Using the autocomplete for issues references feature a crafted payload may lead to ...
NA
CVE-2023-6489
A denial of service vulnerability was identified in GitLab CE/EE, versions 16.7.7 before 16.8.6, 16.9 before 16.9.4 and 16.10 before 16.10.2 which allows an malicious user to spike the GitLab instance resources usage resulting in service degradation via chat integration feature.
NA
CVE-2023-6678
An issue has been discovered in GitLab EE affecting all versions prior to 16.8.6, all versions starting from 16.9 prior to 16.9.4, all versions starting from 16.10 prior to 16.10.2. It was possible for an malicious user to cause a denial of service using malicious crafted content...
NA
CVE-2024-3092
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.9 prior to 16.9.4, all versions starting from 16.10 prior to 16.10.2. A payload may lead to a Stored XSS while using the diff viewer, allowing malicious users to perform arbitrary actions on beha...
NA
CVE_2024_3094
Ansible role cve_2024_3094 Check xz vulnerability (cve_2024_3094) on your system. GitHub GitLab Downloads Version Example Playbook This example is taken from molecule/default/converge.yml and is tested on each push, pull request and release. --- - name: Converge h...
1 Github repository
NA
CVE-2023-6371
An issue has been discovered in GitLab CE/EE affecting all versions prior to 16.8.5, all versions starting from 16.9 prior to 16.9.3, all versions starting from 16.10 prior to 16.10.1. A wiki page with a crafted payload may lead to a Stored XSS, allowing malicious users to perfor...
NA
CVE-2024-2818
An issue has been discovered in GitLab CE/EE affecting all versions prior to 16.8.5, all versions starting from 16.9 prior to 16.9.3, all versions starting from 16.10 prior to 16.10.1. It was possible for an malicious user to cause a denial of service using malicious crafted desc...
NA
CVE-2024-1299
A privilege escalation vulnerability exists in GitLab affecting versions 16.8 before 16.8.4 and 16.9 before 16.9.2. It was possible for a user with custom role of `manage_group_access_tokens` to rotate group access tokens with owner privileges.
NA
CVE-2024-0199
An authorization bypass vulnerability exists in GitLab affecting versions 11.3 before 16.7.7, 16.7.6 before 16.8.4, and 16.8.3 before 16.9.2. An attacker could bypass CODEOWNERS by utilizing a crafted payload in an old feature branch to perform malicious actions.
NA
CVE-2023-4895
An issue has been discovered in GitLab EE affecting all versions starting from 12.0 to 16.7.6, all versions starting from 16.8 prior to 16.8.3, all versions starting from 16.9 prior to 16.9.1. This vulnerability allows for bypassing the 'group ip restriction' settings t...
Gitlab Gitlab
Gitlab Gitlab 16.9.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675
CVE-2024-3400
CVE-2024-23557
mass assignment
CVE-2023-1389
local file inclusion
CVE-2024-32596
file upload
CVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »