Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gitlab gitlab vulnerabilities and exploits
(subscribe to this query)
641
VMScore
CVE-2021-39913
Accidental logging of system root password in the migration log in all versions of GitLab CE/EE prior to 14.2.6, all versions starting from 14.3 prior to 14.3.4, and all versions starting from 14.4 prior to 14.4.1 allows an attacker with local file system access to obtain system ...
Gitlab Gitlab
Gitlab Gitlab 14.4.0
NA
CVE-2023-3950
An information disclosure issue in GitLab EE affecting all versions from 16.2 before 16.2.5, and 16.3 before 16.3.1 allowed other Group Owners to see the Public Key for a Google Cloud Logging audit event streaming destination, if configured. Owners can now only write the key, not...
Gitlab Gitlab 16.3.0
Gitlab Gitlab
NA
CVE-2023-3964
An issue has been discovered in GitLab affecting all versions starting from 13.2 prior to 16.4.3, all versions starting from 16.5 prior to 16.5.3, all versions starting from 16.6 prior to 16.6.1. It was possible for users to access composer packages on public projects that have p...
Gitlab Gitlab
Gitlab Gitlab 16.6.0
NA
CVE-2023-4018
An issue has been discovered in GitLab affecting all versions starting from 16.2 prior to 16.2.5, all versions starting from 16.3 prior to 16.3.1. Due to improper permission validation it was possible to create model experiments in public projects.
Gitlab Gitlab 16.3.0
Gitlab Gitlab
NA
CVE-2023-1098
An information disclosure vulnerability has been discovered in GitLab EE/CE affecting all versions starting from 11.5 prior to 15.8.5, all versions starting from 15.9 prior to 15.9.4, all versions starting from 15.10 prior to 15.10.1 will allow an admin to leak password from repo...
Gitlab Gitlab 15.10.0
Gitlab Gitlab
356
VMScore
CVE-2013-4582
The (1) create_branch, (2) create_tag, (3) import_project, and (4) fork_project functions in lib/gitlab_projects.rb in GitLab 5.0 prior to 5.4.2, Community Edition prior to 6.2.4, Enterprise Edition prior to 6.2.1 and gitlab-shell prior to 1.7.8 allows remote authenticated users ...
Gitlab Gitlab
Gitlab Gitlab-shell
356
VMScore
CVE-2019-12825
Unauthorized Access to the Container Registry of other groups exists in GitLab Enterprise 12.0.0-pre. In other words, authenticated remote attackers can read Docker registries of other groups. When a legitimate user changes the path of a group, Docker registries are not adapted, ...
Gitlab Gitlab 12.0.0
Gitlab Gitlab
NA
CVE-2022-2534
An issue has been discovered in GitLab CE/EE affecting all versions starting from 9.3 prior to 15.0.5, all versions starting from 15.1 prior to 15.1.4, all versions starting from 15.2 prior to 15.2.1. GitLab was returning contributor emails due to improper data handling in the Da...
Gitlab Gitlab
Gitlab Gitlab 15.2
NA
CVE-2022-2095
An improper access control check in GitLab CE/EE affecting all versions starting from 13.7 prior to 15.0.5, all versions starting from 15.1 prior to 15.1.4, all versions starting from 15.2 prior to 15.2.1 allows a malicious authenticated user to view a public project's Deplo...
Gitlab Gitlab
Gitlab Gitlab 15.2
NA
CVE-2024-0402
An issue has been discovered in GitLab CE/EE affecting all versions from 16.0 before 16.6.6, 16.7 before 16.7.4, and 16.8 before 16.8.1 which allows an authenticated user to write files to arbitrary locations on the GitLab server while creating a workspace.
Gitlab Gitlab 16.8.0
Gitlab Gitlab
1 Github repository
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3201
CVE-2024-4779
CVE-2024-35090
CVE-2024-5084
hard-coded
CVE-2024-4985
HTML injection
CVE-2024-33655
local file inclusion
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »