gitlab gitlab vulnerabilities and exploits
578
VMScore
CVE-2019-5486
An authentication bypass vulnerability exists in GitLab CE/EE <v12.3.2, <v12.2.6, and <v12.1.10 in the Salesforce login integration that could be used by a malicious user to create an account that bypassed domain restrictions and email verification requirements.
Gitlab Gitlab
578
VMScore
CVE-2019-15589
An improper access control vulnerability exists in GitLab <v12.3.2, <v12.2.6, <v12.1.12 which would allow a blocked user to use GIT clone and pull if he had obtained a CI/CD token before.
Gitlab Gitlab
578
VMScore
CVE-2019-18457
An issue exists in GitLab Community and Enterprise Edition 11.8 up to and including 12.4 when handling Security tokens. It has Insecure Permissions.
Gitlab Gitlab
578
VMScore
CVE-2019-6783
An issue exists in GitLab Community and Enterprise Edition prior to 11.5.8, 11.6.x prior to 11.6.6, and 11.7.x prior to 11.7.1. GitLab Pages contains a directory traversal vulnerability that could lead to remote command execution.
Gitlab Gitlab
578
VMScore
CVE-2019-5473
An authentication issue exists in GitLab that allowed a bypass of email verification. This was addressed in GitLab 12.1.2 and 12.0.4.
Gitlab Gitlab 12.0.4
Gitlab Gitlab 12.1.2
578
VMScore
CVE-2018-19569
GitLab CE/EE, versions 8.8 up to 11.x prior to 11.3.11, 11.4 prior to 11.4.8, and 11.5 prior to 11.5.1, are vulnerable to an authorization vulnerability that allows access to the web-UI as a user using a Personal Access Token of any scope.
Gitlab Gitlab
578
VMScore
CVE-2018-19359
GitLab Community and Enterprise Edition 8.9 and later and prior to 11.5.0-rc12, 11.4.6, and 11.3.10 has Incorrect Access Control.
Gitlab Gitlab 11.5.0
Gitlab Gitlab
578
VMScore
CVE-2018-18646
An issue exists in GitLab Community and Enterprise Edition prior to 11.2.7, 11.3.x prior to 11.3.8, and 11.4.x prior to 11.4.3. It allows SSRF.
Gitlab Gitlab
578
VMScore
CVE-2017-0918
GitLab Community Edition version 10.3 is vulnerable to a path traversal issue in the GitLab CI runner component resulting in remote code execution.
Gitlab Gitlab
Debian Debian Linux 9.0
578
VMScore
CVE-2017-0926
GitLab Community Edition version 10.3 is vulnerable to an improper authorization issue in the OAuth sign-in component resulting in unauthorized user login.
Gitlab Gitlab
Debian Debian Linux 9.0