gitlab gitlab 15.4 vulnerabilities and exploits
NA
CVE-2022-3325
Improper access control in the GitLab CE/EE API affecting all versions starting from 12.8 prior to 15.2.5, all versions starting from 15.3 prior to 15.3.4, all versions starting from 15.4 prior to 15.4.1. Allowed for editing the approval rules via the API by an unauthorised user.
Gitlab Gitlab
NA
CVE-2023-0508
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 prior to 15.10.8, all versions starting from 15.11 prior to 15.11.7, all versions starting from 16.0 prior to 16.0.2. Open redirection was possible via HTTP response splitting in the NPM packag...
Gitlab Gitlab
NA
CVE-2022-3067
An issue has been discovered in the Import functionality of GitLab CE/EE affecting all versions starting from 14.4 prior to 15.2.5, all versions starting from 15.3 prior to 15.3.4, all versions starting from 15.4 prior to 15.4.1. It was possible for an authenticated user to read ...
Gitlab Gitlab
NA
CVE-2022-3283
A potential DoS vulnerability exists in GitLab CE/EE affecting all versions prior to 15.2.5, all versions starting from 15.3 prior to 15.3.4, all versions starting from 15.4 prior to 15.4.1. While cloning an issue with specially crafted content added to the description could ...
Gitlab Gitlab
NA
CVE-2023-2132
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 prior to 15.10.8, all versions starting from 15.11 prior to 15.11.7, all versions starting from 16.0 prior to 16.0.2. A DollarMathPostFilter Regular Expression Denial of Service in was possible...
Gitlab Gitlab
NA
CVE-2022-3726
Lack of sandboxing of OpenAPI documents in GitLab CE/EE affecting all versions from 12.6 before 15.3.5, 15.4 before 15.4.4, and 15.5 before 15.5.2 allows a malicious user to trick a user to click on the Swagger OpenAPI viewer and issue HTTP requests that affect the victim'...
Gitlab Gitlab
NA
CVE-2022-2761
An information disclosure issue in GitLab CE/EE affecting all versions from 14.4 before 15.3.5, 15.4 before 15.4.4, and 15.5 before 15.5.2 allows a malicious user to use GitLab Flavored Markdown (GFM) references in a Jira issue to disclose the names of resources they don't ...
Gitlab Gitlab
NA
CVE-2023-2478
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 prior to 15.9.7, all versions starting from 15.10 prior to 15.10.6, all versions starting from 15.11 prior to 15.11.2. Under certain conditions, a malicious unauthorized GitLab user may use a G...
Gitlab Gitlab
NA
CVE-2022-3706
Improper authorization in GitLab CE/EE affecting all versions from 7.14 before 15.3.5, 15.4 before 15.4.4, and 15.5 before 15.5.2 allows a user retrying a job in a downstream pipeline to take ownership of the retried jobs in the upstream pipeline even if the user doesn't hav...
Gitlab Gitlab
NA
CVE-2022-2882
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.6 prior to 15.2.5, all versions starting from 15.3 prior to 15.3.4, all versions starting from 15.4 prior to 15.4.1. A malicious maintainer could exfiltrate a GitHub integration's access tok...
Gitlab Gitlab