Vulmon
gitlab vulnerabilities and exploits
5.3
CVSSv3
CVE-2022-4201
A blind SSRF in GitLab CE/EE affecting all versions from 11.3 before 15.4.6, 15.5 before 15.5.5, and 15.6 before 15.6.1 allows a malicious user to connect to local addresses when configuring a malicious GitLab Runner.
Gitlab Gitlab 15.6.0
Gitlab Gitlab
4.3
CVSSv3
CVE-2023-3979
An issue has been discovered in GitLab affecting all versions starting from 10.6 prior to 16.2.8, all versions starting from 16.3 prior to 16.3.5, all versions starting from 16.4 prior to 16.4.1. It was possible that upstream members to collaborate with you on your branch get per...
Gitlab Gitlab
Gitlab Gitlab 16.4.0
4.9
CVSSv3
CVE-2022-0477
An issue has been discovered in GitLab affecting all versions starting from 11.9 prior to 14.5.4, all versions starting from 14.6.0 prior to 14.6.4, all versions starting from 14.7.0 prior to 14.7.1. GitLab was not correctly handling bulk requests to delete existing packages from...
Gitlab Gitlab
Gitlab Gitlab 14.7.0
7.5
CVSSv3
CVE-2023-5106
An issue has been discovered in Ultimate-licensed GitLab EE affecting all versions starting 13.12 before 16.2.8, 16.3.0 before 16.3.5, and 16.4.0 before 16.4.1 that could allow a malicious user to impersonate users in CI pipelines through direct transfer group imports.
Gitlab Gitlab
Gitlab Gitlab 16.4.0
9.8
CVSSv3
CVE-2021-22203
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.7.9 prior to 13.8.7, all versions starting from 13.9 prior to 13.9.5, and all versions starting from 13.10 prior to 13.10.1. A specially crafted Wiki page allowed malicious users to read arbitrar...
Gitlab Gitlab
Gitlab Gitlab 13.10.0
4.3
CVSSv3
CVE-2023-1555
An issue has been discovered in GitLab affecting all versions starting from 15.2 prior to 16.1.5, all versions starting from 16.2 prior to 16.2.5, all versions starting from 16.3 prior to 16.3.1. A namespace-level banned user can access the API.
Gitlab Gitlab 16.3.0
Gitlab Gitlab
9.8
CVSSv3
CVE-2023-1708
An issue was identified in GitLab CE/EE affecting all versions from 1.0 before 15.8.5, 15.9 before 15.9.4, and 15.10 before 15.10.1 where non-printable characters get copied from the clipboard, allowing unexpected commands to be executed on the victim machine.
Gitlab Gitlab 15.10.0
Gitlab Gitlab
5.3
CVSSv3
CVE-2023-1710
A sensitive information disclosure vulnerability in GitLab affecting all versions from 15.0 before 15.8.5, 15.9 before 15.9.4 and 15.10 before 15.10.1 allows a malicious user to view the count of internal notes for a given issue.
Gitlab Gitlab 15.10.0
Gitlab Gitlab
7.5
CVSSv3
CVE-2023-1733
A denial of service condition exists in the Prometheus server bundled with GitLab affecting all versions from 11.10 to 15.8.5, 15.9 to 15.9.4 and 15.10 to 15.10.1.
Gitlab Gitlab 15.10.0
Gitlab Gitlab
5.3
CVSSv3
CVE-2023-1787
An issue has been discovered in GitLab affecting all versions starting from 15.9 prior to 15.9.4, all versions starting from 15.10 prior to 15.10.1. A search timeout could be triggered if a specific HTML payload was used in the issue description.
Gitlab Gitlab 15.10.0
Gitlab Gitlab