gitlab gitlab vulnerabilities and exploits
356
VMScore
CVE-2022-1545
It was possible to disclose details of confidential notes created via the API in GitLab CE/EE affecting all versions from 13.2 before 14.8.6, 14.9 before 14.9.4, and 14.10 before 14.10.1 if an unauthorised project member was tagged in the note.
Gitlab Gitlab 14.10.0
Gitlab Gitlab
NA
CVE-2023-3909
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.3 prior to 16.3.6, all versions starting from 16.4 prior to 16.4.2, all versions starting from 16.5 prior to 16.5.1. A Regular Expression Denial of Service was possible by adding a large string i...
Gitlab Gitlab
Gitlab Gitlab 16.5.0
NA
CVE-2023-3914
A business logic error in GitLab EE affecting all versions before 16.2.8, 16.3 before 16.3.5, and 16.4 before 16.4.1 allows access to internal projects. A service account is not deleted when a namespace is deleted, allowing access to internal projects.
Gitlab Gitlab
Gitlab Gitlab 16.4.0
NA
CVE-2023-3915
An issue has been discovered in GitLab EE affecting all versions starting from 16.1 prior to 16.1.5, all versions starting from 16.2 prior to 16.2.5, all versions starting from 16.3 prior to 16.3.1. If an external user is given an owner role on any group, that external user may e...
Gitlab Gitlab 16.3.0
Gitlab Gitlab
NA
CVE-2023-3917
Denial of Service in pipelines affecting all versions of GitLab EE and CE before 16.2.8, 16.3 before 16.3.5, and 16.4 before 16.4.1 allows a malicious user to cause pipelines to fail.
Gitlab Gitlab
Gitlab Gitlab 16.4.0
NA
CVE-2023-3920
An issue has been discovered in GitLab affecting all versions starting from 11.2 prior to 16.2.8, all versions starting from 16.3 prior to 16.3.5, all versions starting from 16.4 prior to 16.4.1. It was possible for a maintainer to create a fork relationship between existing pro...
Gitlab Gitlab
Gitlab Gitlab 16.4.0
NA
CVE-2023-3922
An issue has been discovered in GitLab affecting all versions starting from 8.15 prior to 16.2.8, all versions starting from 16.3 prior to 16.3.5, all versions starting from 16.4 prior to 16.4.1. It was possible to hijack some links and buttons on the GitLab UI to a malicious pag...
Gitlab Gitlab
Gitlab Gitlab 16.4.0
516
VMScore
CVE-2022-0283
An issue has been discovered affecting GitLab versions before 13.5. An open redirect vulnerability was fixed in the GitLab integration with Jira that could cause the web application to redirect the request to the attacker-specified URL.
Gitlab Gitlab
Gitlab Gitlab 14.7
NA
CVE-2022-2307
A lack of cascading deletes in GitLab CE/EE affecting all versions starting from 13.0 prior to 15.0.5, all versions starting from 15.1 prior to 15.1.4, all versions starting from 15.2 prior to 15.2.1 allows a malicious Group Owner to retain a usable Group Access Token even after ...
Gitlab Gitlab
Gitlab Gitlab 15.2
NA
CVE-2023-3362
An information disclosure issue in GitLab CE/EE affecting all versions from 16.0 before 16.0.6, and version 16.1.0 allows unauthenticated actors to access the import error information if a project was imported from GitHub.
Gitlab Gitlab
Gitlab Gitlab 16.1.0