Vulmon
gitlab gitlab vulnerabilities and exploits
NA
CVE-2023-3511
An issue has been discovered in GitLab EE affecting all versions starting from 8.17 prior to 16.4.4, all versions starting from 16.5 prior to 16.5.4, all versions starting from 16.6 prior to 16.6.2. It was possible for auditor users to fork and submit merge requests to private pr...
Gitlab Gitlab
NA
CVE-2023-6680
An improper certificate validation issue in Smartcard authentication in GitLab EE affecting all versions from 11.6 before 16.4.4, 16.5 before 16.5.4, and 16.6 before 16.6.2 allows a malicious user to authenticate as another user given their public key if they use Smartcard authe...
Gitlab Gitlab
NA
CVE-2023-5061
An issue has been discovered in GitLab affecting all versions starting from 9.3 prior to 16.4.4, all versions starting from 16.5 prior to 16.5.4, all versions starting from 16.6 prior to 16.6.2. In certain situations, it may have been possible for developers to override predefine...
Gitlab Gitlab
NA
CVE-2023-6051
An issue has been discovered in GitLab CE/EE affecting all versions prior to 16.4.4, all versions starting from 16.5 prior to 16.5.4, all versions starting from 16.6 prior to 16.6.2. File integrity may be compromised when source code or installation packages are pulled from a spe...
Gitlab Gitlab
NA
CVE-2023-5332
Patch in third party library Consul requires 'enable-script-checks' to be set to False. This was required to enable a patch by the vendor. Without this setting the patch could be bypassed. This only affects GitLab-EE.
Gitlab Gitlab
Gitlab Gitlab 16.4.0
Hashicorp Consul
Hashicorp Consul 1.1.0
NA
CVE-2023-3949
An issue has been discovered in GitLab affecting all versions starting from 11.3 prior to 16.4.3, all versions starting from 16.5 prior to 16.5.3, all versions starting from 16.6 prior to 16.6.1. It was possible for unauthorized users to view a public project's release descr...
Gitlab Gitlab
Gitlab Gitlab 16.6.0
NA
CVE-2023-4912
An issue has been discovered in GitLab EE affecting all versions starting from 10.5 prior to 16.4.3, all versions starting from 16.5 prior to 16.5.3, all versions starting from 16.6 prior to 16.6.1. It was possible for a malicious user to cause a client-side denial of service us...
Gitlab Gitlab
Gitlab Gitlab 16.6.0
NA
CVE-2023-4317
An issue has been discovered in GitLab affecting all versions starting from 9.2 prior to 16.4.3, all versions starting from 16.5 prior to 16.5.3, all versions starting from 16.6 prior to 16.6.1. It was possible for a user with the Developer role to update a pipeline schedule from...
Gitlab Gitlab
Gitlab Gitlab 16.6.0
NA
CVE-2023-4658
An issue has been discovered in GitLab EE affecting all versions starting from 8.13 prior to 16.4.3, all versions starting from 16.5 prior to 16.5.3, all versions starting from 16.6 prior to 16.6.1. It was possible for a malicious user to abuse the `Allowed to merge` permission ...
Gitlab Gitlab
Gitlab Gitlab 16.6.0
NA
CVE-2023-3964
An issue has been discovered in GitLab affecting all versions starting from 13.2 prior to 16.4.3, all versions starting from 16.5 prior to 16.5.3, all versions starting from 16.6 prior to 16.6.1. It was possible for users to access composer packages on public projects that have p...
Gitlab Gitlab
Gitlab Gitlab 16.6.0