Vulmon
gitlab gitlab vulnerabilities and exploits
6.5
CVSSv3
CVE-2022-1936
Incorrect authorization in GitLab EE affecting all versions from 12.0 prior to 14.9.5, all versions starting from 14.10 prior to 14.10.4, all versions starting from 15.0 prior to 15.0.1 allowed an attacker already in possession of a valid Project Deploy Token to misuse it from an...
Gitlab Gitlab
Gitlab Gitlab 15.0.0
5.4
CVSSv3
CVE-2022-1940
A Stored Cross-Site Scripting vulnerability in Jira integration in GitLab EE affecting all versions from 13.11 before 14.9.5, 14.10 before 14.10.4, and 15.0 before 15.0.1 allows a malicious user to execute arbitrary JavaScript code in GitLab on a victim's behalf via special...
Gitlab Gitlab
Gitlab Gitlab 15.0.0
8.8
CVSSv3
CVE-2023-2182
An issue has been discovered in GitLab EE affecting all versions starting from 15.10 prior to 15.10.5, all versions starting from 15.11 prior to 15.11.1. Under certain conditions when OpenID Connect is enabled on an instance, it may allow users who are marked as 'external...
Gitlab Gitlab 15.11.0
Gitlab Gitlab
7.5
CVSSv3
CVE-2023-5226
An issue has been discovered in GitLab affecting all versions prior to 16.4.3, all versions starting from 16.5 prior to 16.5.3, all versions starting from 16.6 prior to 16.6.1. Under certain circumstances, a malicious actor could bypass prohibited branch checks using a specially crafte...
Gitlab Gitlab
Gitlab Gitlab 16.6.0
4.3
CVSSv3
CVE-2023-4630
An issue has been discovered in GitLab affecting all versions starting from 10.6 prior to 16.1.5, all versions starting from 16.2 prior to 16.2.5, all versions starting from 16.3 prior to 16.3.1 in which any user can read limited information about any project's imports.
Gitlab Gitlab 16.3.0
Gitlab Gitlab
7.5
CVSSv3
CVE-2023-4647
An issue has been discovered in GitLab affecting all versions starting from 15.2 prior to 16.1.5, all versions starting from 16.2 prior to 16.2.5, all versions starting from 16.3 prior to 16.3.1 in which the projects API pagination can be skipped, potentially leading to DoS on ce...
Gitlab Gitlab 16.3.0
Gitlab Gitlab
6.5
CVSSv3
CVE-2023-6159
An issue has been discovered in GitLab CE/EE affecting all versions from 12.7 before 16.6.6, 16.7 before 16.7.4, and 16.8 before 16.8.1. It was possible for a malicious user to trigger a Regular Expression Denial of Service via a `Cargo.toml` containing maliciously crafted input.
Gitlab Gitlab 16.8.0
Gitlab Gitlab
4.3
CVSSv3
CVE-2023-3443
An issue has been discovered in GitLab affecting all versions starting from 12.1 prior to 16.4.3, all versions starting from 16.5 prior to 16.5.3, all versions starting from 16.6 prior to 16.6.1. It was possible for a Guest user to add an emoji on confidential work items.
Gitlab Gitlab
Gitlab Gitlab 16.6.0
5.3
CVSSv3
CVE-2023-3102
A sensitive information leak issue has been discovered in GitLab EE affecting all versions starting from 16.0 prior to 16.0.6, all versions starting from 16.1 prior to 16.1.1, which allows access to titles of private issues and MRs.
Gitlab Gitlab
Gitlab Gitlab 16.1.0
4.3
CVSSv3
CVE-2023-3115
An issue has been discovered in GitLab EE affecting all versions from 11.11 before 16.2.8, 16.3 before 16.3.5, and 16.4 before 16.4.1. Single Sign On restrictions were not correctly enforced for indirect project members accessing public members-only project...
Gitlab Gitlab
Gitlab Gitlab 16.4.0