Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gitlab vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-1451
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.9 prior to 16.9.1. A crafted payload added to the user profile page could lead to a stored XSS on the client side, allowing malicious users to perform arbitrary actions on behalf of victims."...
Gitlab Gitlab 16.9.0
NA
CVE-2024-1525
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.1 prior to 16.7.6, all versions starting from 16.8 prior to 16.8.3, all versions starting from 16.9 prior to 16.9.1. Under some specialized conditions, an LDAP user may be able to reset their pas...
Gitlab Gitlab 16.9.0
Gitlab Gitlab
NA
CVE-2023-6477
An issue has been discovered in GitLab EE affecting all versions starting from 16.5 prior to 16.7.6, all versions starting from 16.8 prior to 16.8.3, all versions starting from 16.9 prior to 16.9.1. When a user is assigned a custom role with admin_group_member permission, they ma...
Gitlab Gitlab
Gitlab Gitlab 16.9.0
NA
CVE-2023-3509
An issue has been discovered in GitLab affecting all versions prior to 16.7.6, all versions starting from 16.8 prior to 16.8.3, all versions starting from 16.9 prior to 16.9.1. It was possible for group members with sub-maintainer role to change the title of privately accessible ...
Gitlab Gitlab 16.9.0
Gitlab Gitlab
NA
CVE-2024-1250
An issue has been discovered in GitLab EE affecting all versions starting from 16.8 prior to 16.8.2. When a user is assigned a custom role with manage_group_access_tokens permission, they may be able to create group access tokens with Owner privileges, which may lead to privilege...
Gitlab Gitlab
NA
CVE-2023-6564
An issue has been discovered in GitLab EE Premium and Ultimate affecting versions 16.4.3, 16.5.3, and 16.6.1. In projects using subgroups to define who can push and/or merge to protected branches, there may have been instances in which subgroup members with the Developer role wer...
Gitlab Gitlab 16.4.3
Gitlab Gitlab 16.5.3
Gitlab Gitlab 16.6.1
NA
CVE-2023-6736
An issue has been discovered in GitLab EE affecting all versions starting from 11.3 prior to 16.7.6, all versions starting from 16.8 prior to 16.8.3, all versions starting from 16.9 prior to 16.9.1. It was possible for an malicious user to cause a client-side denial of service us...
Gitlab Gitlab 16.9.0
Gitlab Gitlab
NA
CVE-2023-6840
An issue has been discovered in GitLab EE affecting all versions from 16.4 before 16.6.7, 16.7 before 16.7.5, and 16.8 before 16.8.2 which allows a maintainer to change the name of a protected branch that bypasses the security policy added to block MR.
Gitlab Gitlab
NA
CVE-2024-1066
An issue has been discovered in GitLab EE affecting all versions from 13.3.0 before 16.6.7, 16.7 before 16.7.5, and 16.8 before 16.8.2 which allows an malicious user to do a resource exhaustion using GraphQL `vulnerabilitiesCountByDay`
Gitlab Gitlab
NA
CVE-2023-6159
An issue has been discovered in GitLab CE/EE affecting all versions from 12.7 before 16.6.6, 16.7 before 16.7.4, and 16.8 before 16.8.1 It was possible for an malicious user to trigger a Regular Expression Denial of Service via a `Cargo.toml` containing maliciously crafted input.
Gitlab Gitlab 16.8.0
Gitlab Gitlab
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »