Vulmon
gitlab gitlab 15.4 vulnerabilities and exploits
NA
CVE-2022-3286
Lack of IP address checking in GitLab EE affecting all versions from 14.2 before 15.2.5, 15.3 before 15.3.4, and 15.4 before 15.4.1 allows a group member to bypass IP restrictions when using a deploy token.
Gitlab Gitlab
NA
CVE-2022-3288
A branch/tag name confusion in GitLab CE/EE affecting all versions before 15.2.5, 15.3 before 15.3.4, and 15.4 before 15.4.1 allows a malicious user to manipulate pages where the content of the default branch would be expected.
Gitlab Gitlab
NA
CVE-2022-3018
An information disclosure vulnerability in GitLab CE/EE affecting all versions starting from 9.3 prior to 15.2.5, all versions starting from 15.3 prior to 15.3.4, all versions starting from 15.4 prior to 15.4.1 allows a project maintainer to access the DataDog integration API key...
Gitlab Gitlab
NA
CVE-2022-3066
An issue has been discovered in GitLab affecting all versions starting from 10.0 prior to 15.2.5, all versions starting from 15.3 prior to 15.3.4, all versions starting from 15.4 prior to 15.4.1. It was possible for an unauthorised user to create issues in a project.
Gitlab Gitlab
NA
CVE-2022-3819
An improper authorization issue in GitLab CE/EE affecting all versions from 15.0 before 15.3.5, 15.4 before 15.4.4, and 15.5 before 15.5.2 allows a malicious user to set emojis on internal notes they don't have access to.
Gitlab Gitlab
NA
CVE-2022-3280
An open redirect in GitLab CE/EE affecting all versions from 10.1 before 15.3.5, 15.4 before 15.4.4, and 15.5 before 15.5.2 allows a malicious user to trick users into visiting a trustworthy URL and being redirected to arbitrary content.
Gitlab Gitlab
NA
CVE-2022-3486
An open redirect vulnerability in GitLab EE/CE affecting all versions from 9.3 before 15.3.5, 15.4 before 15.4.4, and 15.5 before 15.5.2 allows a malicious user to redirect users to an arbitrary location if they trust the URL.
Gitlab Gitlab
NA
CVE-2022-3351
An issue has been discovered in GitLab EE affecting all versions starting from 13.7 prior to 15.2.5, all versions starting from 15.3 prior to 15.3.4, all versions starting from 15.4 prior to 15.4.1. A user's primary email may be disclosed to an attacker through group member ...
Gitlab Gitlab
NA
CVE-2022-3793
An improper authorization issue in GitLab CE/EE affecting all versions from 14.4 before 15.3.5, 15.4 before 15.4.4, and 15.5 before 15.5.2 allows a malicious user to read variables set directly in a GitLab CI/CD configuration file they don't have access to.
Gitlab Gitlab
NA
CVE-2022-3818
An uncontrolled resource consumption issue when parsing URLs in GitLab CE/EE affecting all versions before 15.3.5, 15.4 before 15.4.4, and 15.5 before 15.5.2 allows a malicious user to cause performance issues and potentially a denial of service on the GitLab instance.
Gitlab Gitlab