Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gitlab gitlab vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-2233
An improper authorization issue has been discovered in GitLab CE/EE affecting all versions starting from 11.8 prior to 16.2.8, all versions starting from 16.3 prior to 16.3.5 and all versions starting from 16.4 prior to 16.4.1. It allows a project reporter to leak the owner'...
Gitlab Gitlab
Gitlab Gitlab 16.4.0
NA
CVE-2023-0989
An information disclosure issue in GitLab CE/EE affecting all versions starting from 13.11 before 16.2.8, 16.3 before 16.3.5, and 16.4 before 16.4.1 allows an malicious user to extract non-protected CI/CD variables by tricking a user to visit a fork with a malicious CI/CD configu...
Gitlab Gitlab
Gitlab Gitlab 16.4.0
NA
CVE-2023-43656
matrix-hookshot is a Matrix bot for connecting to external services like GitHub, GitLab, JIRA, and more. Instances that have enabled transformation functions (those that have `generic.allowJsTransformationFunctions` in their config), may be vulnerable to an attack where it is pos...
Matrix Hookshot
NA
CVE-2023-5009
An issue has been discovered in GitLab EE affecting all versions starting from 13.12 prior to 16.2.7, all versions starting from 16.3 prior to 16.3.4. It was possible for an malicious user to run pipeline jobs as an arbitrary user via scheduled security scan policies. This was a ...
Gitlab Gitlab
NA
CVE-2023-4630
An issue has been discovered in GitLab affecting all versions starting from 10.6 prior to 16.1.5, all versions starting from 16.2 prior to 16.2.5, all versions starting from 16.3 prior to 16.3.1 in which any user can read limited information about any project's imports.
Gitlab Gitlab 16.3.0
Gitlab Gitlab
NA
CVE-2023-3205
An issue has been discovered in GitLab affecting all versions starting from 15.11 prior to 16.1.5, all versions starting from 16.2 prior to 16.2.5, all versions starting from 16.3 prior to 16.3.1. An authenticated user could trigger a denial of service when importing or cloning m...
Gitlab Gitlab 16.3.0
Gitlab Gitlab
NA
CVE-2023-4378
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.8 prior to 16.1.5, all versions starting from 16.2 prior to 16.2.5, all versions starting from 16.3 prior to 16.3.1. A malicious Maintainer can, under specific circumstances, leak the sentry toke...
Gitlab Gitlab 16.3.0
Gitlab Gitlab
NA
CVE-2023-3915
An issue has been discovered in GitLab EE affecting all versions starting from 16.1 prior to 16.1.5, all versions starting from 16.2 prior to 16.2.5, all versions starting from 16.3 prior to 16.3.1. If an external user is given an owner role on any group, that external user may e...
Gitlab Gitlab 16.3.0
Gitlab Gitlab
NA
CVE-2023-3950
An information disclosure issue in GitLab EE affecting all versions from 16.2 before 16.2.5, and 16.3 before 16.3.1 allowed other Group Owners to see the Public Key for a Google Cloud Logging audit event streaming destination, if configured. Owners can now only write the key, not...
Gitlab Gitlab 16.3.0
Gitlab Gitlab
NA
CVE-2023-3210
An issue has been discovered in GitLab affecting all versions starting from 15.11 prior to 16.1.5, all versions starting from 16.2 prior to 16.2.5, all versions starting from 16.3 prior to 16.3.1. An authenticated user could trigger a denial of service when importing or cloning m...
Gitlab Gitlab 16.3.0
Gitlab Gitlab
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »