Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gitlab vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2023-0319
An issue has been discovered in GitLab affecting all versions starting from 13.6 prior to 15.8.5, all versions starting from 15.9 prior to 15.9.4, all versions starting from 15.10 prior to 15.10.1, allowing to read environment names supposed to be restricted to project memebers o...
Gitlab Gitlab 15.10.0
Gitlab Gitlab
4.6
CVSSv3
CVE-2023-0450
An issue has been discovered in GitLab affecting all versions starting from 8.1 to 15.8.5, and from 15.9 to 15.9.4, and from 15.10 to 15.10.1. It was possible to add a branch with an ambiguous name that could be used to social engineer users.
Gitlab Gitlab 15.10.0
Gitlab Gitlab
8.8
CVSSv3
CVE-2022-2185
A critical issue has been discovered in GitLab affecting all versions starting from 14.0 before 14.10.5, 15.0 before 15.0.4, and 15.1 before 15.1.1 where an authenticated user authorized to import projects could import a maliciously crafted project leading to remote code executio...
Gitlab Gitlab 15.1.0
Gitlab Gitlab
3 Github repositories
3.8
CVSSv3
CVE-2022-2307
A lack of cascading deletes in GitLab CE/EE affecting all versions starting from 13.0 prior to 15.0.5, all versions starting from 15.1 prior to 15.1.4, all versions starting from 15.2 prior to 15.2.1 allows a malicious Group Owner to retain a usable Group Access Token even after ...
Gitlab Gitlab
Gitlab Gitlab 15.2
4.3
CVSSv3
CVE-2019-12825
Unauthorized Access to the Container Registry of other groups exists in GitLab Enterprise 12.0.0-pre. In other words, authenticated remote attackers can read Docker registries of other groups. When a legitimate user changes the path of a group, Docker registries are not adapted, ...
Gitlab Gitlab 12.0.0
Gitlab Gitlab
4.3
CVSSv3
CVE-2024-0861
An issue has been discovered in GitLab EE affecting all versions starting from 16.4 prior to 16.7.6, all versions starting from 16.8 prior to 16.8.3, all versions starting from 16.9 prior to 16.9.1. Users with the `Guest` role can change `Custom dashboard projects` settings contr...
Gitlab Gitlab 16.9.0
Gitlab Gitlab
3.8
CVSSv3
CVE-2023-0838
An issue has been discovered in GitLab affecting versions starting from 15.1 prior to 15.8.5, 15.9 prior to 15.9.4, and 15.10 prior to 15.10.1. A maintainer could modify a webhook URL to leak masked webhook secrets by adding a new parameter to the url. This addresses an incomplet...
Gitlab Gitlab 15.10.0
Gitlab Gitlab
5.7
CVSSv3
CVE-2023-0989
An information disclosure issue in GitLab CE/EE affecting all versions starting from 13.11 before 16.2.8, 16.3 before 16.3.5, and 16.4 before 16.4.1 allows an malicious user to extract non-protected CI/CD variables by tricking a user to visit a fork with a malicious CI/CD configu...
Gitlab Gitlab
Gitlab Gitlab 16.4.0
4.3
CVSSv3
CVE-2023-1071
An issue has been discovered in GitLab affecting all versions from 15.5 prior to 15.8.5, all versions starting from 15.9 prior to 15.9.4, all versions starting from 15.10 prior to 15.10.1. Due to improper permissions checks it was possible for an unauthorised user to remove an is...
Gitlab Gitlab 15.10.0
Gitlab Gitlab
4.9
CVSSv3
CVE-2023-1098
An information disclosure vulnerability has been discovered in GitLab EE/CE affecting all versions starting from 11.5 prior to 15.8.5, all versions starting from 15.9 prior to 15.9.4, all versions starting from 15.10 prior to 15.10.1 will allow an admin to leak password from repo...
Gitlab Gitlab 15.10.0
Gitlab Gitlab
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »