gitlab gitlab 15.4 vulnerabilities and exploits
5.4
CVSSv3
CVE-2022-2904
A cross-site scripting issue has been discovered in GitLab CE/EE affecting all versions starting from 15.2 prior to 15.2.5, all versions starting from 15.3 prior to 15.3.4, all versions starting from 15.4 prior to 15.4.1. It was possible to exploit a vulnerability in the external ...
Gitlab Gitlab
Gitlab Gitlab 15.4
7.5
CVSSv3
CVE-2022-3285
Bypass of healthcheck endpoint allow list affecting all versions from 12.0 before 15.2.5, 15.3 before 15.3.4, and 15.4 before 15.4.1 allows an unauthorized malicious user to prevent access to GitLab
Gitlab Gitlab 15.4.0
Gitlab Gitlab
5.3
CVSSv3
CVE-2022-3482
An improper access control issue in GitLab CE/EE affecting all versions from 11.3 before 15.3.5, 15.4 before 15.4.4, and 15.5 before 15.5.2 allowed an unauthorized user to see release names even when releases were set to be restricted to project members only.
Gitlab Gitlab 15.6.0
Gitlab Gitlab
6.5
CVSSv3
CVE-2022-3820
An issue has been discovered in GitLab affecting all versions starting from 15.4 before 15.4.4, and 15.5 before 15.5.2. GitLab was not performing correct authentication with some Package Registries when IP address restrictions were configured, allowing an attacker already in poss...
Gitlab Gitlab 15.6.0
Gitlab Gitlab
4.9
CVSSv3
CVE-2022-3740
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.9 before 15.3.5, 15.4 before 15.4.4, and 15.5 before 15.5.2. A group owner may be able to bypass External Authorization check, if it is enabled, to access git repositories and package registries ...
Gitlab Gitlab 15.6.0
Gitlab Gitlab
6.1
CVSSv3
CVE-2022-3572
A cross-site scripting issue has been discovered in GitLab CE/EE affecting all versions from 13.5 before 15.3.5, 15.4 before 15.4.4, and 15.5 before 15.5.2. It was possible to exploit a vulnerability in setting the Jira Connect integration which could lead to a reflected XSS that...
Gitlab Gitlab 15.6.0
Gitlab Gitlab
4.3
CVSSv3
CVE-2022-3293
Email addresses were leaked in WebHook logs in GitLab EE affecting all versions from 9.3 before 15.2.5, 15.3 before 15.3.4, and 15.4 before 15.4.1
Gitlab Gitlab
6.5
CVSSv3
CVE-2022-3291
Serialization of sensitive data in GitLab EE affecting all versions from 14.9 before 15.2.5, 15.3 before 15.3.4, and 15.4 before 15.4.1 can leak sensitive information via cache
Gitlab Gitlab
6.5
CVSSv3
CVE-2022-3279
An unhandled exception in job log parsing in GitLab CE/EE affecting all versions before 15.2.5, 15.3 before 15.3.4, and 15.4 before 15.4.1 allows a malicious user to prevent access to job logs.
Gitlab Gitlab
4.3
CVSSv3
CVE-2022-3330
It was possible for a guest user to read a todo targeting an inaccessible note in GitLab CE/EE affecting all versions from 15.0 before 15.2.5, 15.3 before 15.3.4, and 15.4 before 15.4.1.
Gitlab Gitlab