Vulmon
gitlab vulnerabilities and exploits
5
CVSSv2
CVE-2020-13274
A security issue allowed achieving Denial of Service attacks through memory exhaustion by uploading malicious artifacts in all previous GitLab versions up to and including 13.0.1
Gitlab Gitlab
Gitlab Gitlab 13.0.0
5.5
CVSSv2
CVE-2020-13275
A user with an unverified email address could request an access to domain restricted groups in GitLab EE 12.2 and later up to and including 13.0.1
Gitlab Gitlab
Gitlab Gitlab 13.0.0
4
CVSSv2
CVE-2020-13276
User is allowed to set an email as a notification email even without verifying the new email in all previous GitLab CE/EE versions up to and including 13.0.1
Gitlab Gitlab
Gitlab Gitlab 13.0.0
NA
CVE-2022-2499
An issue has been discovered in GitLab EE affecting all versions starting from 13.10 prior to 15.0.5, all versions starting from 15.1 prior to 15.1.4, all versions starting from 15.2 prior to 15.2.1. GitLab's Jira integration has an insecure direct object reference vulnerabi...
Gitlab Gitlab
Gitlab Gitlab 15.2
NA
CVE-2023-0319
An issue has been discovered in GitLab affecting all versions starting from 13.6 prior to 15.8.5, all versions starting from 15.9 prior to 15.9.4, all versions starting from 15.10 prior to 15.10.1, allowing to read environment names supposed to be restricted to project members o...
Gitlab Gitlab 15.10.0
Gitlab Gitlab
NA
CVE-2023-4630
An issue has been discovered in GitLab affecting all versions starting from 10.6 prior to 16.1.5, all versions starting from 16.2 prior to 16.2.5, all versions starting from 16.3 prior to 16.3.1 in which any user can read limited information about any project's imports.
Gitlab Gitlab 16.3.0
Gitlab Gitlab
NA
CVE-2023-4647
An issue has been discovered in GitLab affecting all versions starting from 15.2 prior to 16.1.5, all versions starting from 16.2 prior to 16.2.5, all versions starting from 16.3 prior to 16.3.1 in which the projects API pagination can be skipped, potentially leading to DoS on ce...
Gitlab Gitlab 16.3.0
Gitlab Gitlab
NA
CVE-2023-4658
An issue has been discovered in GitLab EE affecting all versions starting from 8.13 prior to 16.4.3, all versions starting from 16.5 prior to 16.5.3, all versions starting from 16.6 prior to 16.6.1. It was possible for a malicious user to abuse the `Allowed to merge` permission ...
Gitlab Gitlab
Gitlab Gitlab 16.6.0
NA
CVE-2022-2456
An issue has been discovered in GitLab CE/EE affecting all versions prior to 15.0.5, all versions starting from 15.1 prior to 15.1.4, all versions starting from 15.2 prior to 15.2.1. It may be possible for malicious group or project maintainers to change their corresponding group...
Gitlab Gitlab
Gitlab Gitlab 15.2
NA
CVE-2022-2459
An issue has been discovered in GitLab EE affecting all versions prior to 15.0.5, all versions starting from 15.1 prior to 15.1.4, all versions starting from 15.2 prior to 15.2.1. It may be possible for email invited members to join a project even after the Group Owner has enable...
Gitlab Gitlab
Gitlab Gitlab 15.2