gitlab gitlab vulnerabilities and exploits
4.3
CVSSv3
CVE-2022-1821
An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.8 prior to 14.9.5, all versions starting from 14.10 prior to 14.10.4, all versions starting from 15.0 prior to 15.0.1. It may be possible for a subgroup member to access the members list of their...
Gitlab Gitlab
Gitlab Gitlab 15.0.0
8.8
CVSSv3
CVE-2022-2185
A critical issue has been discovered in GitLab affecting all versions starting from 14.0 before 14.10.5, 15.0 before 15.0.4, and 15.1 before 15.1.1 where an authenticated user authorized to import projects could import a maliciously crafted project leading to remote code executio...
Gitlab Gitlab 15.1.0
Gitlab Gitlab
3 Github repositories
6.5
CVSSv3
CVE-2022-2228
Information exposure in GitLab EE affecting all versions from 12.0 before 14.10.5, 15.0 before 15.0.4, and 15.1 before 15.1.1 allows an attacker with the appropriate access tokens to obtain CI variables in a group using IP-based access restrictions even if the GitLab Runner ...
Gitlab Gitlab 15.1.0
Gitlab Gitlab
9.8
CVSSv3
CVE-2023-1708
An issue was identified in GitLab CE/EE affecting all versions from 1.0 before 15.8.5, 15.9 before 15.9.4, and 15.10 before 15.10.1 where non-printable characters get copied from the clipboard, allowing unexpected commands to be executed on the victim's machine.
Gitlab Gitlab 15.10.0
Gitlab Gitlab
5.3
CVSSv3
CVE-2023-1710
A sensitive information disclosure vulnerability in GitLab affecting all versions from 15.0 before 15.8.5, 15.9 before 15.9.4 and 15.10 before 15.10.1 allows a malicious user to view the count of internal notes for a given issue.
Gitlab Gitlab 15.10.0
Gitlab Gitlab
7.5
CVSSv3
CVE-2023-1733
A denial of service condition exists in the Prometheus server bundled with GitLab affecting all versions from 11.10 to 15.8.5, 15.9 to 15.9.4 and 15.10 to 15.10.1.
Gitlab Gitlab 15.10.0
Gitlab Gitlab
5.4
CVSSv3
CVE-2022-1416
Missing sanitization of data in Pipeline error messages in GitLab CE/EE affecting all versions starting from 1.0.2 prior to 14.8.6, all versions from 14.9.0 prior to 14.9.4, and all versions from 14.10.0 prior to 14.10.1 allows for rendering of attacker controlled HTML tags and C...
Gitlab Gitlab 14.10.0
Gitlab Gitlab
4.3
CVSSv3
CVE-2022-1428
An issue has been discovered in GitLab affecting all versions prior to 14.8.6, all versions starting from 14.9 prior to 14.9.4, all versions starting from 14.10 prior to 14.10.1. GitLab was incorrectly verifying throttling limits for authenticated package requests which resulted ...
Gitlab Gitlab 14.10.0
Gitlab Gitlab
4.5
CVSSv3
CVE-2022-2417
Insufficient validation in GitLab CE/EE affecting all versions from 12.10 before 15.0.5, 15.1 before 15.1.4, and 15.2 before 15.2.1 allows an authenticated and authorised user to import a project that includes branch names which are 40 hexadecimal characters, which could be abuse...
Gitlab Gitlab
Gitlab Gitlab 15.2
2.7
CVSSv3
CVE-2020-13261
Amazon EKS credentials disclosure in GitLab CE/EE 12.6 and later up to and including 13.0.1 allows other administrators to view Amazon EKS credentials via HTML source code
Gitlab Gitlab
Gitlab Gitlab 13.0.0