Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gitlab vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-2826
An issue has been discovered in GitLab affecting all versions starting from 10.0 prior to 12.9.8, all versions starting from 12.10 prior to 12.10.7, all versions starting from 13.0 prior to 13.0.1. TODO
Gitlab Gitlab
Gitlab Gitlab 13.0.0
NA
CVE-2018-17449
An issue exists in GitLab Community and Enterprise Edition prior to 11.1.7, 11.2.x prior to 11.2.4, and 11.3.x prior to 11.3.1. Remote attackers could obtain sensitive information about issues, comments, and project titles via events API insecure direct object reference.
Gitlab Gitlab
Gitlab Gitlab 11.3.0
NA
CVE-2018-17451
An issue exists in GitLab Community and Enterprise Edition prior to 11.1.7, 11.2.x prior to 11.2.4, and 11.3.x prior to 11.3.1. There is Cross Site Request Forgery (CSRF) in the Slack integration for issuing slash commands.
Gitlab Gitlab
Gitlab Gitlab 11.3.0
NA
CVE-2018-17454
An issue exists in GitLab Community and Enterprise Edition prior to 11.1.7, 11.2.x prior to 11.2.4, and 11.3.x prior to 11.3.1. There is stored XSS on the issue details screen.
Gitlab Gitlab
Gitlab Gitlab 11.3.0
NA
CVE-2018-17536
An issue exists in GitLab Community and Enterprise Edition prior to 11.1.7, 11.2.x prior to 11.2.4, and 11.3.x prior to 11.3.1. There is stored XSS on the merge request page via project import.
Gitlab Gitlab
Gitlab Gitlab 11.3.0
NA
CVE-2018-17537
An issue exists in GitLab Community and Enterprise Edition prior to 11.1.7, 11.2.x prior to 11.2.4, and 11.3.x prior to 11.3.1. blog-viewer has stored XSS during repository browsing, if package.json exists. .
Gitlab Gitlab
Gitlab Gitlab 11.3.0
NA
CVE-2022-3285
Bypass of healthcheck endpoint allow list affecting all versions from 12.0 before 15.2.5, 15.3 before 15.3.4, and 15.4 before 15.4.1 allows an unauthorized malicious user to prevent access to GitLab
Gitlab Gitlab 15.4.0
Gitlab Gitlab
NA
CVE-2023-3509
An issue has been discovered in GitLab affecting all versions prior to 16.7.6, all versions starting from 16.8 prior to 16.8.3, all versions starting from 16.9 prior to 16.9.1. It was possible for group members with sub-maintainer role to change the title of privately accessible ...
Gitlab Gitlab 16.9.0
Gitlab Gitlab
NA
CVE-2022-3572
A cross-site scripting issue has been discovered in GitLab CE/EE affecting all versions from 13.5 before 15.3.5, 15.4 before 15.4.4, and 15.5 before 15.5.2. It was possible to exploit a vulnerability in setting the Jira Connect integration which could lead to a reflected XSS that...
Gitlab Gitlab 15.6.0
Gitlab Gitlab
NA
CVE-2023-4532
An issue has been discovered in GitLab affecting all versions starting from 16.2 prior to 16.2.8, all versions starting from 16.3 prior to 16.3.5, all versions starting from 16.4 prior to 16.4.1. Users were capable of linking CI/CD jobs of private projects which they are not a me...
Gitlab Gitlab
Gitlab Gitlab 16.4.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »