Vulmon
gitlab gitlab 14.7 vulnerabilities and exploits
516
VMScore
CVE-2022-0283
An issue has been discovered affecting GitLab versions before 13.5. An open redirect vulnerability was fixed in GitLab integration with Jira that could cause the web application to redirect the request to the attacker-specified URL.
Gitlab Gitlab
Gitlab Gitlab 14.7
NA
CVE-2023-4700
An authorization issue affecting GitLab EE affecting all versions from 14.7 before 16.3.6, 16.4 before 16.4.2, and 16.5 before 16.5.1, allowed a user to run jobs in protected environments, bypassing any required approvals.
Gitlab Gitlab
Gitlab Gitlab 16.5.0
187
VMScore
CVE-2022-0390
Improper access control in GitLab CE/EE versions 12.7 to 14.5.4, 14.6 to 14.6.4, and 14.7 to 14.7.1 allowed for project non-members to retrieve issue details when it was linked to an item from the vulnerability dashboard.
Gitlab Gitlab
Gitlab Gitlab 14.7.0
668
VMScore
CVE-2022-1162
A hardcoded password was set for accounts registered using an OmniAuth provider (e.g. OAuth, LDAP, SAML) in GitLab CE/EE versions 14.7 before 14.7.7, 14.8 before 14.8.5, and 14.9 before 14.9.2, allowing malicious users to potentially take over accounts.
Gitlab Gitlab
3 Github repositories
1 Article
383
VMScore
CVE-2022-0738
An issue has been discovered in GitLab affecting all versions starting from 14.6 prior to 14.6.5, all versions starting from 14.7 prior to 14.7.4, all versions starting from 14.8 prior to 14.8.2. GitLab was leaking user passwords when adding mirrors with SSH credentials under spe...
Gitlab Gitlab
668
VMScore
CVE-2022-0735
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.10 prior to 14.6.5, all versions starting from 14.7 prior to 14.7.4, all versions starting from 14.8 prior to 14.8.2. An unauthorised user was able to steal runner registration tokens through an ...
Gitlab Gitlab
490
VMScore
CVE-2022-0136
A vulnerability exists in GitLab versions 10.5 to 14.5.4, 14.6 to 14.6.4, and 14.7 to 14.7.1. GitLab was vulnerable to a blind SSRF attack through the Project Import feature.
Gitlab Gitlab
356
VMScore
CVE-2022-0371
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.4 prior to 14.5.4, all versions starting from 14.6 prior to 14.6.4, all versions starting from 14.7 prior to 14.7.1. GitLab search may allow authenticated users to search other users by their res...
Gitlab Gitlab
383
VMScore
CVE-2022-1175
Improper neutralization of user input in GitLab CE/EE versions 14.4 prior to 14.7.7, all versions starting from 14.8 prior to 14.8.5, all versions starting from 14.9 prior to 14.9.2 allowed a malicious user to exploit XSS by injecting HTML in notes.
Gitlab Gitlab
1 Github repository
1 Article
542
VMScore
CVE-2021-4191
An issue has been discovered in GitLab CE/EE affecting versions 13.0 to 14.6.5, 14.7 to 14.7.4, and 14.8 to 14.8.2. Private GitLab instances with restricted sign-ups may be vulnerable to user enumeration to unauthenticated users through the GraphQL API.
Gitlab Gitlab
1 Metasploit module
6 Github repositories