Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gitlab gitlab vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-6033
Improper neutralization of input in Jira integration configuration in GitLab CE/EE, affecting all versions from 15.10 before 16.6.1, 16.5 before 16.5.3, and 16.4 before 16.4.3 allows malicious user to execute javascript in victim's browser.
Gitlab Gitlab
NA
CVE-2023-5995
An issue has been discovered in GitLab EE affecting all versions starting from 16.2 prior to 16.4.3, all versions starting from 16.5 prior to 16.5.3, all versions starting from 16.6 prior to 16.6.1. It was possible for an malicious user to abuse the policy bot to gain access to i...
Gitlab Gitlab
Gitlab Gitlab 16.6.0
NA
CVE-2023-3949
An issue has been discovered in GitLab affecting all versions starting from 11.3 prior to 16.4.3, all versions starting from 16.5 prior to 16.5.3, all versions starting from 16.6 prior to 16.6.1. It was possible for unauthorized users to view a public projects' release descr...
Gitlab Gitlab
Gitlab Gitlab 16.6.0
NA
CVE-2023-3443
An issue has been discovered in GitLab affecting all versions starting from 12.1 prior to 16.4.3, all versions starting from 16.5 prior to 16.5.3, all versions starting from 16.6 prior to 16.6.1. It was possible for a Guest user to add an emoji on confidential work items.
Gitlab Gitlab
Gitlab Gitlab 16.6.0
NA
CVE-2023-4912
An issue has been discovered in GitLab EE affecting all versions starting from 10.5 prior to 16.4.3, all versions starting from 16.5 prior to 16.5.3, all versions starting from 16.6 prior to 16.6.1. It was possible for an malicious user to cause a client-side denial of service us...
Gitlab Gitlab
Gitlab Gitlab 16.6.0
NA
CVE-2023-4379
An issue has been discovered in GitLab EE affecting all versions starting from 15.3 before 16.2.8, 16.3 before 16.3.5, and 16.4 before 16.4.1. Code owner approval was not removed from merge requests when the target branch was updated.
Gitlab Gitlab
Gitlab Gitlab 16.4.0
NA
CVE-2023-4700
An authorization issue affecting GitLab EE affecting all versions from 14.7 before 16.3.6, 16.4 before 16.4.2, and 16.5 before 16.5.1, allowed a user to run jobs in protected environments, bypassing any required approvals.
Gitlab Gitlab
Gitlab Gitlab 16.5.0
NA
CVE-2023-3399
An issue has been discovered in GitLab EE affecting all versions starting from 11.6 prior to 16.3.6, all versions starting from 16.4 prior to 16.4.2, all versions starting from 16.5 prior to 16.5.1. It was possible for an unauthorised project or group member to read the CI/CD var...
Gitlab Gitlab
Gitlab Gitlab 13.0.0
NA
CVE-2023-3246
An issue has been discovered in GitLab EE/CE affecting all versions starting prior to 16.3.6, all versions starting from 16.4 prior to 16.4.2, all versions starting from 16.5 prior to 16.5.1 which allows an malicious users to block Sidekiq job processor.
Gitlab Gitlab
Gitlab Gitlab 16.5.0
NA
CVE-2023-3909
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.3 prior to 16.3.6, all versions starting from 16.4 prior to 16.4.2, all versions starting from 16.5 prior to 16.5.1. A Regular Expression Denial of Service was possible by adding a large string i...
Gitlab Gitlab
Gitlab Gitlab 16.5.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-6267
XML injection
CVE-2024-37673
CVE-2024-6266
CVE-2024-30078
arbitrary
CVE-2024-36886
CVE-2024-5346
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »