Vulmon
gitlab gitlab 15.4 vulnerabilities and exploits
NA
CVE-2022-3286
Lack of IP address checking in GitLab EE affecting all versions from 14.2 before 15.2.5, 15.3 before 15.3.4, and 15.4 before 15.4.1 allows a group member to bypass IP restrictions when using a deploy token
Gitlab Gitlab
NA
CVE-2022-3288
A branch/tag name confusion in GitLab CE/EE affecting all versions before 15.2.5, 15.3 before 15.3.4, and 15.4 before 15.4.1 allows a malicious user to manipulate pages where the content of the default branch would be expected.
Gitlab Gitlab
NA
CVE-2022-3066
An issue has been discovered in GitLab affecting all versions starting from 10.0 prior to 15.2.5, all versions starting from 15.3 prior to 15.3.4, all versions starting from 15.4 prior to 15.4.1. It was possible for an unauthorised user to create issues in a project.
Gitlab Gitlab
NA
CVE-2022-3018
An information disclosure vulnerability in GitLab CE/EE affecting all versions starting from 9.3 prior to 15.2.5, all versions starting from 15.3 prior to 15.3.4, all versions starting from 15.4 prior to 15.4.1 allows a project maintainer to access the DataDog integration API key...
Gitlab Gitlab
NA
CVE-2022-3280
An open redirect in GitLab CE/EE affecting all versions from 10.1 before 15.3.5, 15.4 before 15.4.4, and 15.5 before 15.5.2 allows a malicious user to trick users into visiting a trustworthy URL and being redirected to arbitrary content.
Gitlab Gitlab
NA
CVE-2022-3819
An improper authorization issue in GitLab CE/EE affecting all versions from 15.0 before 15.3.5, 15.4 before 15.4.4, and 15.5 before 15.5.2 allows a malicious user to set emojis on internal notes they don't have access to.
Gitlab Gitlab
NA
CVE-2022-3486
An open redirect vulnerability in GitLab EE/CE affecting all versions from 9.3 before 15.3.5, 15.4 before 15.4.4, and 15.5 before 15.5.2, allows a malicious user to redirect users to an arbitrary location if they trust the URL.
Gitlab Gitlab
NA
CVE-2022-3351
An issue has been discovered in GitLab EE affecting all versions starting from 13.7 prior to 15.2.5, all versions starting from 15.3 prior to 15.3.4, all versions starting from 15.4 prior to 15.4.1. A user's primary email may be disclosed to an attacker through group member ...
Gitlab Gitlab
NA
CVE-2023-0508
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 prior to 15.10.8, all versions starting from 15.11 prior to 15.11.7, all versions starting from 16.0 prior to 16.0.2. Open redirection was possible via HTTP response splitting in the NPM packag...
Gitlab Gitlab
NA
CVE-2022-3793
An improper authorization issue in GitLab CE/EE affecting all versions from 14.4 before 15.3.5, 15.4 before 15.4.4, and 15.5 before 15.5.2 allows a malicious user to read variables set directly in a GitLab CI/CD configuration file they don't have access to.
Gitlab Gitlab