Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gitlab gitlab vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-6477
An issue has been discovered in GitLab EE affecting all versions starting from 16.5 prior to 16.7.6, all versions starting from 16.8 prior to 16.8.3, all versions starting from 16.9 prior to 16.9.1. When a user is assigned a custom role with admin_group_member permission, they ma...
Gitlab Gitlab
Gitlab Gitlab 16.9.0
NA
CVE-2023-6736
An issue has been discovered in GitLab EE affecting all versions starting from 11.3 prior to 16.7.6, all versions starting from 16.8 prior to 16.8.3, all versions starting from 16.9 prior to 16.9.1. It was possible for an malicious user to cause a client-side denial of service us...
Gitlab Gitlab 16.9.0
Gitlab Gitlab
NA
CVE-2023-5106
An issue has been discovered in Ultimate-licensed GitLab EE affecting all versions starting 13.12 before 16.2.8, 16.3.0 before 16.3.5, and 16.4.0 before 16.4.1 that could allow an malicious user to impersonate users in CI pipelines through direct transfer group imports.
Gitlab Gitlab
Gitlab Gitlab 16.4.0
NA
CVE-2023-4018
An issue has been discovered in GitLab affecting all versions starting from 16.2 prior to 16.2.5, all versions starting from 16.3 prior to 16.3.1. Due to improper permission validation it was possible to create model experiments in public projects.
Gitlab Gitlab 16.3.0
Gitlab Gitlab
NA
CVE-2023-3399
An issue has been discovered in GitLab EE affecting all versions starting from 11.6 prior to 16.3.6, all versions starting from 16.4 prior to 16.4.2, all versions starting from 16.5 prior to 16.5.1. It was possible for an unauthorised project or group member to read the CI/CD var...
Gitlab Gitlab
Gitlab Gitlab 13.0.0
NA
CVE-2024-0402
An issue has been discovered in GitLab CE/EE affecting all versions from 16.0 before 16.6.6, 16.7 before 16.7.4, and 16.8 before 16.8.1 which allows an authenticated user to write files to arbitrary locations on the GitLab server while creating a workspace.
Gitlab Gitlab 16.8.0
Gitlab Gitlab
1 Github repository
NA
CVE-2024-0410
An authorization bypass vulnerability exists in GitLab affecting versions 15.1 before 16.7.6, 16.8 before 16.8.3, and 16.9 before 16.9.1. A developer could bypass CODEOWNERS approvals by creating a merge conflict.
Gitlab Gitlab 16.9.0
Gitlab Gitlab
NA
CVE-2024-0456
An authorization vulnerability exists in GitLab versions 14.0 before 16.6.6, 16.7 before 16.7.4, and 16.8 before 16.8.1. An unauthorized attacker is able to assign arbitrary users to MRs that they created within the project
Gitlab Gitlab 16.8.0
Gitlab Gitlab
NA
CVE-2023-5198
An issue has been discovered in GitLab affecting all versions prior to 16.2.7, all versions starting from 16.3 prior to 16.3.5, and all versions starting from 16.4 prior to 16.4.1. It was possible for a removed project member to write to protected branches using deploy keys.
Gitlab Gitlab
Gitlab Gitlab 16.4.0
NA
CVE-2023-5207
A vulnerability exists in GitLab CE and EE affecting all versions starting 16.0 before 16.2.8, 16.3 before 16.3.5, and 16.4 before 16.4.1. An authenticated attacker could perform arbitrary pipeline execution under the context of another user.
Gitlab Gitlab
Gitlab Gitlab 16.4.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-25525
CVE-2024-4652
CVE-2024-1438
CVE-2024-4671
CVE-2024-34351
arbitrary
CVE-2024-4650
SQL injection
overflow
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »