Vulmon
gitlab vulnerabilities and exploits
NA
CVE-2023-4658
An issue has been discovered in GitLab EE affecting all versions starting from 8.13 prior to 16.4.3, all versions starting from 16.5 prior to 16.5.3, all versions starting from 16.6 prior to 16.6.1. It was possible for a malicious user to abuse the `Allowed to merge` permission ...
Gitlab Gitlab
Gitlab Gitlab 16.6.0
NA
CVE-2023-4379
An issue has been discovered in GitLab EE affecting all versions starting from 15.3 before 16.2.8, 16.3 before 16.3.5, and 16.4 before 16.4.1. Code owner approval was not removed from merge requests when the target branch was updated.
Gitlab Gitlab
Gitlab Gitlab 16.4.0
NA
CVE-2023-4700
An authorization issue in GitLab EE affecting all versions from 14.7 before 16.3.6, 16.4 before 16.4.2, and 16.5 before 16.5.1 allowed a user to run jobs in protected environments, bypassing any required approvals.
Gitlab Gitlab
Gitlab Gitlab 16.5.0
NA
CVE-2023-3399
An issue has been discovered in GitLab EE affecting all versions starting from 11.6 prior to 16.3.6, all versions starting from 16.4 prior to 16.4.2, all versions starting from 16.5 prior to 16.5.1. It was possible for an unauthorised project or group member to read the CI/CD var...
Gitlab Gitlab
Gitlab Gitlab 13.0.0
NA
CVE-2023-3909
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.3 prior to 16.3.6, all versions starting from 16.4 prior to 16.4.2, all versions starting from 16.5 prior to 16.5.1. A Regular Expression Denial of Service was possible by adding a large string i...
Gitlab Gitlab
Gitlab Gitlab 16.5.0
NA
CVE-2023-3246
An issue has been discovered in GitLab EE/CE affecting all versions starting prior to 16.3.6, all versions starting from 16.4 prior to 16.4.2, all versions starting from 16.5 prior to 16.5.1 which allows a malicious user to block the Sidekiq job processor.
Gitlab Gitlab
Gitlab Gitlab 16.5.0
NA
CVE-2023-5963
An issue has been discovered in GitLab EE with Advanced Search affecting all versions from 13.9 to 16.3.6, 16.4 before 16.4.2 and 16.5 before 16.5.1 that could allow a denial of service in the Advanced Search function by chaining too many syntax operators.
Gitlab Gitlab
Gitlab Gitlab 16.5.0
NA
CVE-2023-5825
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.2 prior to 16.3.6, all versions starting from 16.4 prior to 16.4.2, all versions starting from 16.5 prior to 16.5.1. A low-privileged attacker can point a CI/CD Component to an incorrect path and...
Gitlab Gitlab
Gitlab Gitlab 16.5.0
NA
CVE-2023-5831
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.0 prior to 16.3.6, all versions starting from 16.4 prior to 16.4.2, and all versions starting from 16.5.0 prior to 16.5.1 which have the `super_sidebar_logged_out` feature flag enabled. Affected ...
Gitlab Gitlab
Gitlab Gitlab 16.5.0
NA
CVE-2023-5106
An issue has been discovered in Ultimate-licensed GitLab EE affecting all versions starting from 13.12 before 16.2.8, 16.3.0 before 16.3.5, and 16.4.0 before 16.4.1 that could allow a malicious user to impersonate users in CI pipelines through direct transfer group imports.
Gitlab Gitlab
Gitlab Gitlab 16.4.0