Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gitlab gitlab 14.3.1 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2021-39890
It was possible to bypass 2FA for LDAP users and access some specific pages with Basic Authentication in GitLab 14.1.1 and above.
Gitlab Gitlab
Gitlab Gitlab 14.3.0
Gitlab Gitlab 14.3.1
4.3
CVSSv3
CVE-2021-39883
Improper authorization checks in all versions of GitLab EE starting from 13.11 prior to 14.1.7, all versions starting from 14.2 prior to 14.2.5, and all versions starting from 14.3 prior to 14.3.1 allows subgroup members to see epics from all parent subgroups.
Gitlab Gitlab
Gitlab Gitlab 14.3.0
4.3
CVSSv3
CVE-2021-39888
In all versions of GitLab EE starting from 13.10 prior to 14.1.7, all versions starting from 14.2 prior to 14.2.5, and all versions starting from 14.3 prior to 14.3.1 a specific API endpoint may reveal details about a private group and other sensitive info inside issue and merge ...
Gitlab Gitlab
Gitlab Gitlab 14.3.0
5.4
CVSSv3
CVE-2021-39885
A Stored XSS in merge request creation page in all versions of Gitlab EE starting from 13.7 prior to 14.1.7, all versions starting from 14.2 prior to 14.2.5, and all versions starting from 14.3 prior to 14.3.1 allows an malicious user to execute arbitrary JavaScript code on the v...
Gitlab Gitlab
Gitlab Gitlab 14.3.0
5.4
CVSSv3
CVE-2021-39878
A stored Reflected Cross-Site Scripting vulnerability in the Jira integration in GitLab version 13.0 up to 14.3.1 allowed an malicious user to execute arbitrary javascript code.
Gitlab Gitlab
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site request forgery
CVE-2024-34351
CVE-2024-1076
CVE-2024-25522
CVE-2024-34547
CVE-2024-4644
unauthorized
remote
CVE-2024-4671
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started