Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gitlab gitlab vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-5831
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.0 prior to 16.3.6, all versions starting from 16.4 prior to 16.4.2, and all versions starting from 16.5.0 prior to 16.5.1 which have the `super_sidebar_logged_out` feature flag enabled. Affected ...
Gitlab Gitlab
Gitlab Gitlab 16.5.0
NA
CVE-2023-5933
An issue has been discovered in GitLab CE/EE affecting all versions after 13.7 prior to 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1. Improper input sanitization of user name allows arbitrary API PUT requests.
Gitlab Gitlab 16.8.0
Gitlab Gitlab
NA
CVE-2023-5963
An issue has been discovered in GitLab EE with Advanced Search affecting all versions from 13.9 to 16.3.6, 16.4 before 16.4.2 and 16.5 before 16.5.1 that could allow a denial of service in the Advanced Search function by chaining too many syntax operators.
Gitlab Gitlab
Gitlab Gitlab 16.5.0
NA
CVE-2023-1417
An issue has been discovered in GitLab affecting all versions starting from 15.9 prior to 15.9.4, all versions starting from 15.10 prior to 15.10.1. It was possible for an unauthorised user to add child epics linked to victim's epic in an unrelated group.
Gitlab Gitlab 15.10.0
Gitlab Gitlab
NA
CVE-2023-1708
An issue was identified in GitLab CE/EE affecting all versions from 1.0 before 15.8.5, 15.9 before 15.9.4, and 15.10 before 15.10.1 where non-printable characters gets copied from clipboard, allowing unexpected commands to be executed on victim machine.
Gitlab Gitlab 15.10.0
Gitlab Gitlab
NA
CVE-2023-1733
A denial of service condition exists in the Prometheus server bundled with GitLab affecting all versions from 11.10 to 15.8.5, 15.9 to 15.9.4 and 15.10 to 15.10.1.
Gitlab Gitlab 15.10.0
Gitlab Gitlab
NA
CVE-2023-1787
An issue has been discovered in GitLab affecting all versions starting from 15.9 prior to 15.9.4, all versions starting from 15.10 prior to 15.10.1. A search timeout could be triggered if a specific HTML payload was used in the issue description.
Gitlab Gitlab 15.10.0
Gitlab Gitlab
NA
CVE-2022-4255
An info leak issue was identified in all versions of GitLab EE from 13.7 before 15.4.6, 15.5 before 15.5.5, and 15.6 before 15.6.1 which exposes user email id through webhook payload.
Gitlab Gitlab 15.6.0
Gitlab Gitlab
NA
CVE-2023-5106
An issue has been discovered in Ultimate-licensed GitLab EE affecting all versions starting 13.12 before 16.2.8, 16.3.0 before 16.3.5, and 16.4.0 before 16.4.1 that could allow an malicious user to impersonate users in CI pipelines through direct transfer group imports.
Gitlab Gitlab
Gitlab Gitlab 16.4.0
NA
CVE-2022-2095
An improper access control check in GitLab CE/EE affecting all versions starting from 13.7 prior to 15.0.5, all versions starting from 15.1 prior to 15.1.4, all versions starting from 15.2 prior to 15.2.1 allows a malicious authenticated user to view a public project's Deplo...
Gitlab Gitlab
Gitlab Gitlab 15.2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »