Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gitlab gitlab vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-0402
An issue has been discovered in GitLab CE/EE affecting all versions from 16.0 before 16.6.6, 16.7 before 16.7.4, and 16.8 before 16.8.1 which allows an authenticated user to write files to arbitrary locations on the GitLab server while creating a workspace.
Gitlab Gitlab 16.8.0
Gitlab Gitlab
1 Github repository
NA
CVE-2024-0410
An authorization bypass vulnerability exists in GitLab affecting versions 15.1 before 16.7.6, 16.8 before 16.8.3, and 16.9 before 16.9.1. A developer could bypass CODEOWNERS approvals by creating a merge conflict.
Gitlab Gitlab 16.9.0
Gitlab Gitlab
NA
CVE-2024-0456
An authorization vulnerability exists in GitLab versions 14.0 before 16.6.6, 16.7 before 16.7.4, and 16.8 before 16.8.1. An unauthorized attacker is able to assign arbitrary users to MRs that they created within the project
Gitlab Gitlab 16.8.0
Gitlab Gitlab
NA
CVE-2023-3362
An information disclosure issue in GitLab CE/EE affecting all versions from 16.0 before 16.0.6, and version 16.1.0 allows unauthenticated actors to access the import error information if a project was imported from GitHub.
Gitlab Gitlab
Gitlab Gitlab 16.1.0
NA
CVE-2023-2233
An improper authorization issue has been discovered in GitLab CE/EE affecting all versions starting from 11.8 prior to 16.2.8, all versions starting from 16.3 prior to 16.3.5 and all versions starting from 16.4 prior to 16.4.1. It allows a project reporter to leak the owner'...
Gitlab Gitlab
Gitlab Gitlab 16.4.0
NA
CVE-2024-0861
An issue has been discovered in GitLab EE affecting all versions starting from 16.4 prior to 16.7.6, all versions starting from 16.8 prior to 16.8.3, all versions starting from 16.9 prior to 16.9.1. Users with the `Guest` role can change `Custom dashboard projects` settings contr...
Gitlab Gitlab 16.9.0
Gitlab Gitlab
NA
CVE-2022-4205
In Gitlab EE/CE prior to 15.6.1, 15.5.5 and 15.4.6 using a branch with a hexadecimal name could override an existing hash.
Gitlab Gitlab 15.6.0
Gitlab Gitlab
5
CVSSv2
CVE-2022-1352
Due to an insecure direct object reference vulnerability in Gitlab EE/CE affecting all versions from 11.0 before 14.8.6, 14.9 before 14.9.4, and 14.10 before 14.10.1, an endpoint may reveal the issue title to a user who crafted an API call with the ID of the issue from a public p...
Gitlab Gitlab 14.10.0
Gitlab Gitlab
4
CVSSv2
CVE-2022-1417
Improper access control in GitLab CE/EE affecting all versions starting from 8.12 prior to 14.8.6, all versions starting from 14.9 prior to 14.9.4, and all versions starting from 14.10 prior to 14.10.1 allows non-project members to access contents of Project Members-only Wikis vi...
Gitlab Gitlab 14.10.0
Gitlab Gitlab
5
CVSSv2
CVE-2022-1510
An issue has been discovered in GitLab affecting all versions starting from 13.9 prior to 14.8.6, all versions starting from 14.9 prior to 14.9.4, all versions starting from 14.10 prior to 14.10.1. GitLab was not correctly handling malicious text in the CI Editor and CI Pipeline ...
Gitlab Gitlab 14.10.0
Gitlab Gitlab
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »