Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gitlab vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2022-1981
An issue has been discovered in GitLab EE affecting all versions starting from 12.2 before 14.10.5, 15.0 before 15.0.4, and 15.1 before 15.1.1. In GitLab, if a group enables the setting to restrict access to users belonging to specific domains, that allow-list may be bypassed if ...
Gitlab Gitlab 15.1.0
Gitlab Gitlab
4
CVSSv2
CVE-2022-1983
Incorrect authorization in GitLab EE affecting all versions from 10.7 before 14.10.5, 15.0 before 15.0.4, and 15.1 before 15.1.1, allowed an attacker already in possession of a valid Deploy Key or a Deploy Token to misuse it from any location to access Container Registries even w...
Gitlab Gitlab 15.1.0
Gitlab Gitlab
4.3
CVSSv2
CVE-2022-1999
An issue has been discovered in GitLab CE/EE affecting all versions from 8.13 before 14.10.5, 15.0 before 15.0.4, and 15.1 before 15.1.1. Under certain conditions, using the REST API an unprivileged user was able to change labels description.
Gitlab Gitlab 15.1.0
Gitlab Gitlab
NA
CVE-2022-2417
Insufficient validation in GitLab CE/EE affecting all versions from 12.10 before 15.0.5, 15.1 before 15.1.4, and 15.2 before 15.2.1 allows an authenticated and authorised user to import a project that includes branch names which are 40 hexadecimal characters, which could be abuse...
Gitlab Gitlab
Gitlab Gitlab 15.2
NA
CVE-2022-2456
An issue has been discovered in GitLab CE/EE affecting all versions prior to 15.0.5, all versions starting from 15.1 prior to 15.1.4, all versions starting from 15.2 prior to 15.2.1. It may be possible for malicious group or project maintainers to change their corresponding group...
Gitlab Gitlab
Gitlab Gitlab 15.2
NA
CVE-2023-3920
An issue has been discovered in GitLab affecting all versions starting from 11.2 prior to 16.2.8, all versions starting from 16.3 prior to 16.3.5, all versions starting from 16.4 prior to 16.4.1. It was possible that a maintainer to create a fork relationship between existing pro...
Gitlab Gitlab
Gitlab Gitlab 16.4.0
NA
CVE-2023-3922
An issue has been discovered in GitLab affecting all versions starting from 8.15 prior to 16.2.8, all versions starting from 16.3 prior to 16.3.5, all versions starting from 16.4 prior to 16.4.1. It was possible to hijack some links and buttons on the GitLab UI to a malicious pag...
Gitlab Gitlab
Gitlab Gitlab 16.4.0
NA
CVE-2023-3949
An issue has been discovered in GitLab affecting all versions starting from 11.3 prior to 16.4.3, all versions starting from 16.5 prior to 16.5.3, all versions starting from 16.6 prior to 16.6.1. It was possible for unauthorized users to view a public projects' release descr...
Gitlab Gitlab
Gitlab Gitlab 16.6.0
NA
CVE-2023-3950
An information disclosure issue in GitLab EE affecting all versions from 16.2 before 16.2.5, and 16.3 before 16.3.1 allowed other Group Owners to see the Public Key for a Google Cloud Logging audit event streaming destination, if configured. Owners can now only write the key, not...
Gitlab Gitlab 16.3.0
Gitlab Gitlab
NA
CVE-2023-3964
An issue has been discovered in GitLab affecting all versions starting from 13.2 prior to 16.4.3, all versions starting from 16.5 prior to 16.5.3, all versions starting from 16.6 prior to 16.6.1. It was possible for users to access composer packages on public projects that have p...
Gitlab Gitlab
Gitlab Gitlab 16.6.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »