Vulmon
gitlab gitlab vulnerabilities and exploits
668
VMScore
CVE-2019-9217
An issue exists in GitLab Community and Enterprise Edition prior to 11.6.10, 11.7.x prior to 11.7.6, and 11.8.x prior to 11.8.1. Its User Interface has a Misrepresentation of Critical Information.
Gitlab Gitlab
668
VMScore
CVE-2019-9756
An issue exists in GitLab Community and Enterprise Edition 10.x (starting from 10.8) and 11.x prior to 11.6.10, 11.7.x prior to 11.7.6, and 11.8.x prior to 11.8.1. It has Incorrect Access Control, a different vulnerability than CVE-2019-9732.
Gitlab Gitlab
668
VMScore
CVE-2018-18843
The Kubernetes integration in GitLab Enterprise Edition 11.x prior to 11.2.8, 11.3.x prior to 11.3.9, and 11.4.x prior to 11.4.4 has SSRF.
Gitlab Gitlab
668
VMScore
CVE-2018-18649
An issue exists in the wiki API in GitLab Community and Enterprise Edition prior to 11.2.7, 11.3.x prior to 11.3.8, and 11.4.x prior to 11.4.3. It allows for remote code execution.
Gitlab Gitlab
1 Github repository
668
VMScore
CVE-2018-14364
GitLab Community and Enterprise Edition prior to 10.7.7, 10.8.x prior to 10.8.6, and 11.x prior to 11.0.4 allows Directory Traversal with write access and resultant remote code execution via the GitLab projects import component.
Gitlab Gitlab
668
VMScore
CVE-2018-8971
The Auth0 integration in GitLab prior to 10.3.9, 10.4.x prior to 10.4.6, and 10.5.x prior to 10.5.6 has an incorrect omniauth-auth0 configuration, leading to signing in unintended users.
Gitlab Gitlab
Debian Debian Linux 9.0
668
VMScore
CVE-2017-0915
GitLab Community Edition version 10.2.4 is vulnerable to a lack of input validation in the GitlabProjectsImportService resulting in remote code execution.
Gitlab Gitlab
Debian Debian Linux 9.0
668
VMScore
CVE-2017-0916
GitLab Community Edition version 10.3 is vulnerable to a lack of input validation in the system_hook_push queue through the web hook component, resulting in remote code execution.
Gitlab Gitlab
Debian Debian Linux 9.0
655
VMScore
CVE-2016-4340
The impersonate feature in GitLab 8.7.0, 8.6.0 up to and including 8.6.7, 8.5.0 up to and including 8.5.11, 8.4.0 up to and including 8.4.9, 8.3.0 up to and including 8.3.8, and 8.2.0 up to and including 8.2.4 allows remote authenticated users to "log in" as any other u...
Gitlab Gitlab 8.3.4
Gitlab Gitlab 8.3.5
Gitlab Gitlab 8.3.6
Gitlab Gitlab 8.3.7
Gitlab Gitlab 8.5.2
Gitlab Gitlab 8.5.3
Gitlab Gitlab 8.5.4
Gitlab Gitlab 8.5.5
Gitlab Gitlab 8.6.7
Gitlab Gitlab 8.7.0
Gitlab Gitlab 8.2.1
Gitlab Gitlab 8.2.2
Gitlab Gitlab 8.2.3
Gitlab Gitlab 8.2.4
Gitlab Gitlab 8.4.4
Gitlab Gitlab 8.4.5
Gitlab Gitlab 8.4.6
Gitlab Gitlab 8.4.7
Gitlab Gitlab 8.5.10
Gitlab Gitlab 8.5.11
Gitlab Gitlab 8.6.0
Gitlab Gitlab 8.6.1
1 EDB exploit
655
VMScore
CVE-2013-4490
The SSH key upload feature (lib/gitlab_keys.rb) in gitlab-shell prior to 1.7.3, as used in GitLab 5.0 prior to 5.4.1 and 6.x prior to 6.2.3, allows remote authenticated users to execute arbitrary commands via shell metacharacters in the public key.
Gitlab Gitlab 6.0.0
Gitlab Gitlab 6.2.0
Gitlab Gitlab 5.2.0
Gitlab Gitlab 5.0.1
Gitlab Gitlab-shell
Gitlab Gitlab-shell 1.4.0
Gitlab Gitlab-shell 1.2.0
Gitlab Gitlab-shell 1.7.1
Gitlab Gitlab-shell 1.7.0
Gitlab Gitlab-shell 1.6.0
Gitlab Gitlab-shell 1.5.0
Gitlab Gitlab 6.2.1
Gitlab Gitlab 6.2.2
Gitlab Gitlab 5.4.0
Gitlab Gitlab 5.3.0
Gitlab Gitlab-shell 1.0.4
Gitlab Gitlab 6.1.0
Gitlab Gitlab 5.1.0
Gitlab Gitlab 5.0.0
Gitlab Gitlab-shell 1.3.0
Gitlab Gitlab-shell 1.1.0
1 EDB exploit