Vulmon
gitlab gitlab vulnerabilities and exploits
4
CVSSv2
CVE-2022-1545
It was possible to disclose details of confidential notes created via the API in GitLab CE/EE affecting all versions from 13.2 before 14.8.6, 14.9 before 14.9.4, and 14.10 before 14.10.1 if an unauthorised project member was tagged in the note.
Gitlab Gitlab 14.10.0
Gitlab Gitlab
6.5
CVSSv2
CVE-2022-1680
An account takeover issue has been discovered in GitLab EE affecting all versions starting from 11.10 prior to 14.9.5, all versions starting from 14.10 prior to 14.10.4, all versions starting from 15.0 prior to 15.0.1. When group SAML SSO is configured, the SCIM feature (availabl...
Gitlab Gitlab
Gitlab Gitlab 15.0.0
4
CVSSv2
CVE-2022-0477
An issue has been discovered in GitLab affecting all versions starting from 11.9 prior to 14.5.4, all versions starting from 14.6.0 prior to 14.6.4, all versions starting from 14.7.0 prior to 14.7.1. GitLab was not correctly handling bulk requests to delete existing packages from...
Gitlab Gitlab
Gitlab Gitlab 14.7.0
3.5
CVSSv2
CVE-2022-1124
An improper authorization issue has been discovered in GitLab CE/EE affecting all versions before 14.8.6, all versions from 14.9.0 before 14.9.4, and 14.10.0, allowing Guest project members to access trace log of jobs when it is enabled.
Gitlab Gitlab 14.10.0
Gitlab Gitlab
4
CVSSv2
CVE-2022-1983
Incorrect authorization in GitLab EE affecting all versions from 10.7 before 14.10.5, 15.0 before 15.0.4, and 15.1 before 15.1.1, allowed an attacker already in possession of a valid Deploy Key or a Deploy Token to misuse it from any location to access Container Registries even w...
Gitlab Gitlab 15.1.0
Gitlab Gitlab
NA
CVE-2023-5933
An issue has been discovered in GitLab CE/EE affecting all versions after 13.7 prior to 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1. Improper input sanitization of user name allows arbitrary API PUT requests.
Gitlab Gitlab 16.8.0
Gitlab Gitlab
NA
CVE-2022-3902
An issue has been discovered in GitLab affecting all versions starting from 9.3 prior to 15.4.6, all versions starting from 15.5 prior to 15.5.5, all versions starting from 15.6 prior to 15.6.1. It was possible for a project maintainer to unmask webhook secret tokens by reviewing...
Gitlab Gitlab 15.6.0
Gitlab Gitlab
NA
CVE-2023-3949
An issue has been discovered in GitLab affecting all versions starting from 11.3 prior to 16.4.3, all versions starting from 16.5 prior to 16.5.3, all versions starting from 16.6 prior to 16.6.1. It was possible for unauthorized users to view a public projects' release descr...
Gitlab Gitlab
Gitlab Gitlab 16.6.0
NA
CVE-2022-3820
An issue has been discovered in GitLab affecting all versions starting from 15.4 before 15.4.4, and 15.5 before 15.5.2. GitLab was not performing correct authentication with some Package Registries when IP address restrictions were configured, allowing an attacker already in poss...
Gitlab Gitlab 15.6.0
Gitlab Gitlab
NA
CVE-2022-2303
An issue has been discovered in GitLab CE/EE affecting all versions prior to 15.0.5, all versions starting from 15.1 prior to 15.1.4, all versions starting from 15.2 prior to 15.2.1. It may be possible for group members to bypass 2FA enforcement enabled at the group level by usin...
Gitlab Gitlab
Gitlab Gitlab 15.2