Vulmon
gitlab gitlab vulnerabilities and exploits
NA
CVE-2022-2303
An issue has been discovered in GitLab CE/EE affecting all versions prior to 15.0.5, all versions starting from 15.1 prior to 15.1.4, all versions starting from 15.2 prior to 15.2.1. It may be possible for group members to bypass 2FA enforcement enabled at the group level by usin...
Gitlab Gitlab
Gitlab Gitlab 15.2
7.5
CVSSv2
CVE-2021-22203
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.7.9 prior to 13.8.7, all versions starting from 13.9 prior to 13.9.5, and all versions starting from 13.10 prior to 13.10.1. A specially crafted Wiki page allowed malicious users to read arbitrar...
Gitlab Gitlab
Gitlab Gitlab 13.10.0
NA
CVE-2023-3949
An issue has been discovered in GitLab affecting all versions starting from 11.3 prior to 16.4.3, all versions starting from 16.5 prior to 16.5.3, all versions starting from 16.6 prior to 16.6.1. It was possible for unauthorized users to view a public projects' release descr...
Gitlab Gitlab
Gitlab Gitlab 16.6.0
NA
CVE-2023-3979
An issue has been discovered in GitLab affecting all versions starting from 10.6 prior to 16.2.8, all versions starting from 16.3 prior to 16.3.5, all versions starting from 16.4 prior to 16.4.1. It was possible that upstream members to collaborate with you on your branch get per...
Gitlab Gitlab
Gitlab Gitlab 16.4.0
NA
CVE-2023-3509
An issue has been discovered in GitLab affecting all versions prior to 16.7.6, all versions starting from 16.8 prior to 16.8.3, all versions starting from 16.9 prior to 16.9.1. It was possible for group members with sub-maintainer role to change the title of privately accessible ...
Gitlab Gitlab 16.9.0
Gitlab Gitlab
NA
CVE-2023-1167
Improper authorization in Gitlab EE affecting all versions from 12.3.0 prior to 15.8.5, all versions starting from 15.9 prior to 15.9.4, all versions starting from 15.10 prior to 15.10.1 allows an unauthorized access to security reports in MR.
Gitlab Gitlab 15.10.0
Gitlab Gitlab
NA
CVE-2022-2456
An issue has been discovered in GitLab CE/EE affecting all versions prior to 15.0.5, all versions starting from 15.1 prior to 15.1.4, all versions starting from 15.2 prior to 15.2.1. It may be possible for malicious group or project maintainers to change their corresponding group...
Gitlab Gitlab
Gitlab Gitlab 15.2
NA
CVE-2023-0450
An issue has been discovered in GitLab affecting all versions starting from 8.1 to 15.8.5, and from 15.9 to 15.9.4, and from 15.10 to 15.10.1. It was possible to add a branch with an ambiguous name that could be used to social engineer users.
Gitlab Gitlab 15.10.0
Gitlab Gitlab
5.5
CVSSv2
CVE-2021-39894
In all versions of GitLab CE/EE since version 8.0, a DNS rebinding vulnerability exists in Fogbugz importer which may be used by malicious users to exploit Server Side Request Forgery attacks.
Gitlab Gitlab
Gitlab Gitlab 14.3.0
5
CVSSv2
CVE-2021-39897
Improper access control in GitLab CE/EE version 10.5 and above allowed subgroup members with inherited access to a project from a parent group to still have access even after the subgroup is transferred.
Gitlab Gitlab
Gitlab Gitlab 13.0.0