Vulmon
gitlab gitlab 15.4 vulnerabilities and exploits
NA
CVE-2022-3413
Incorrect authorization during display of Audit Events in GitLab EE affecting all versions from 14.5 before 15.3.5, 15.4 before 15.4.4, and 15.5 before 15.5.2, allowed Developers to view the project's Audit Events and Developers or Maintainers to view the group's Audit ...
Gitlab Gitlab
NA
CVE-2022-3483
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.1 prior to 15.3.5, all versions starting from 15.4 prior to 15.4.4, all versions starting from 15.5 prior to 15.5.2. A malicious maintainer could exfiltrate a Datadog integration's access to...
Gitlab Gitlab
NA
CVE-2022-3265
A cross-site scripting issue has been discovered in GitLab CE/EE affecting all versions before 15.3.5, 15.4 before 15.4.4, and 15.5 before 15.5.2. It was possible to exploit a vulnerability in setting the labels colour feature which could lead to a stored XSS that allowed malicio...
Gitlab Gitlab
NA
CVE-2022-3573
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 prior to 15.5.7, all versions starting from 15.6 prior to 15.6.4, all versions starting from 15.7 prior to 15.7.2. Due to the improper filtering of query parameters in the wiki changes page, an...
Gitlab Gitlab
Abb Drive Composer
NA
CVE-2022-2251
Improper sanitization of branch names in GitLab Runner affecting all versions before 15.3.5, 15.4 before 15.4.4, and 15.5 before 15.5.2 allows a user who creates a branch with a specially crafted name and gets another user to trigger a pipeline to execute commands in the runner a...
Gitlab Runner
NA
CVE-2024-4539
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 16.9.7, starting from 16.10 before 16.10.5, and starting from 16.11 before 16.11.2 where abusing the API to filter branch and tags could lead to Denial of Service.