Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gitlab gitlab 15.2 vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2022-2455
A business logic issue in the handling of large repositories in all versions of GitLab CE/EE from 10.0 prior to 15.1.6, all versions starting from 15.2 prior to 15.2.4, all versions starting from 15.3 prior to 15.3.2 allowed an authenticated and authorized user to exhaust server ...
Gitlab Gitlab
4.3
CVSSv3
CVE-2022-2630
An improper access control issue in GitLab CE/EE affecting all versions starting from 15.2 prior to 15.2.4, all versions from 15.3 prior to 15.3.2 allows disclosure of confidential information via the Incident timeline events.
Gitlab Gitlab
4.8
CVSSv3
CVE-2022-2865
A cross-site scripting issue has been discovered in GitLab CE/EE affecting all versions prior to 15.1.6, 15.2 to 15.2.4 and 15.3 prior to 15.3.2. It was possible to exploit a vulnerability in setting the labels colour feature which could lead to a stored XSS that allowed maliciou...
Gitlab Gitlab
6.5
CVSSv3
CVE-2022-2592
A lack of length validation in Snippet descriptions in GitLab CE/EE affecting all versions before 15.1.6, 15.2 before 15.2.4 and 15.3 before 15.3.2 allows an authenticated malicious user to create a maliciously large Snippet which when requested with or without authentication pla...
Gitlab Gitlab
9.9
CVSSv3
CVE-2022-2992
A vulnerability in GitLab CE/EE affecting all versions from 11.10 before 15.1.6, 15.2 to 15.2.4, 15.3 to 15.3.2 allows an authenticated user to achieve remote code execution via the Import from GitHub API endpoint.
Gitlab Gitlab
1 Metasploit module
5 Github repositories
4.3
CVSSv3
CVE-2022-3030
An improper access control issue in GitLab CE/EE affecting all versions starting prior to 15.1.6, all versions from 15.2 prior to 15.2.4, all versions from 15.3 prior to 15.3.2 allows disclosure of pipeline status to unauthorized users.
Gitlab Gitlab
7.5
CVSSv3
CVE-2022-3031
An issue has been discovered in GitLab CE/EE affecting all versions prior to 15.1.6, all versions starting from 15.2 prior to 15.2.4, all versions starting from 15.3 prior to 15.3.2. It may be possible for an malicious user to guess a user's password by brute force by sendin...
Gitlab Gitlab
8
CVSSv3
CVE-2022-2527
An issue in Incident Timelines has been discovered in GitLab CE/EE affecting all versions starting from 14.9 prior to 15.1.6, all versions starting from 15.2 prior to 15.2.4, all versions starting from 15.3 prior to 15.3.2.which allowed an authenticated malicious user to inject a...
Gitlab Gitlab
7.4
CVSSv3
CVE-2022-2533
An issue has been discovered in GitLab affecting all versions starting from 12.10 prior to 15.1.6, all versions starting from 15.2 prior to 15.2.4, all versions starting from 15.3 prior to 15.3.2. GitLab was not performing correct authentication with some Package Registries when ...
Gitlab Gitlab
4.3
CVSSv3
CVE-2022-3331
An issue has been discovered in GitLab EE affecting all versions starting from 14.5 prior to 15.1.6, all versions starting from 15.2 prior to 15.2.4, all versions starting from 15.3 prior to 15.3.2. GitLab's Zentao integration has an insecure direct object reference vulnerab...
Gitlab Gitlab
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »