Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gitlab gitlab vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-2818
An issue has been discovered in GitLab CE/EE affecting all versions prior to 16.8.5, all versions starting from 16.9 prior to 16.9.3, all versions starting from 16.10 prior to 16.10.1. It was possible for an malicious user to cause a denial of service using malicious crafted desc...
NA
CVE-2023-6371
An issue has been discovered in GitLab CE/EE affecting all versions prior to 16.8.5, all versions starting from 16.9 prior to 16.9.3, all versions starting from 16.10 prior to 16.10.1. A wiki page with a crafted payload may lead to a Stored XSS, allowing malicious users to perfor...
NA
CVE-2024-1299
A privilege escalation vulnerability exists in GitLab affecting versions 16.8 before 16.8.4 and 16.9 before 16.9.2. It was possible for a user with custom role of `manage_group_access_tokens` to rotate group access tokens with owner privileges.
NA
CVE-2024-0199
An authorization bypass vulnerability exists in GitLab affecting versions 11.3 before 16.7.7, 16.7.6 before 16.8.4, and 16.8.3 before 16.9.2. An attacker could bypass CODEOWNERS by utilizing a crafted payload in an old feature branch to perform malicious actions.
NA
CVE-2023-4895
An issue has been discovered in GitLab EE affecting all versions starting from 12.0 to 16.7.6, all versions starting from 16.8 prior to 16.8.3, all versions starting from 16.9 prior to 16.9.1. This vulnerability allows for bypassing the 'group ip restriction' settings t...
Gitlab Gitlab
Gitlab Gitlab 16.9.0
NA
CVE-2023-6477
An issue has been discovered in GitLab EE affecting all versions starting from 16.5 prior to 16.7.6, all versions starting from 16.8 prior to 16.8.3, all versions starting from 16.9 prior to 16.9.1. When a user is assigned a custom role with admin_group_member permission, they ma...
Gitlab Gitlab
Gitlab Gitlab 16.9.0
NA
CVE-2024-0861
An issue has been discovered in GitLab EE affecting all versions starting from 16.4 prior to 16.7.6, all versions starting from 16.8 prior to 16.8.3, all versions starting from 16.9 prior to 16.9.1. Users with the `Guest` role can change `Custom dashboard projects` settings contr...
Gitlab Gitlab 16.9.0
Gitlab Gitlab
NA
CVE-2024-0410
An authorization bypass vulnerability exists in GitLab affecting versions 15.1 before 16.7.6, 16.8 before 16.8.3, and 16.9 before 16.9.1. A developer could bypass CODEOWNERS approvals by creating a merge conflict.
Gitlab Gitlab 16.9.0
Gitlab Gitlab
NA
CVE-2024-1451
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.9 prior to 16.9.1. A crafted payload added to the user profile page could lead to a stored XSS on the client side, allowing malicious users to perform arbitrary actions on behalf of victims."...
Gitlab Gitlab 16.9.0
NA
CVE-2024-1525
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.1 prior to 16.7.6, all versions starting from 16.8 prior to 16.8.3, all versions starting from 16.9 prior to 16.9.1. Under some specialized conditions, an LDAP user may be able to reset their pas...
Gitlab Gitlab 16.9.0
Gitlab Gitlab
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-21991
CVE-2024-32674
path traversal
CVE-2023-21987
denial of service
dos
CVE-2024-4647
CVE-2024-25519
CVE-2024-33612
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »