Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gitlab vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-6564
An issue has been discovered in GitLab EE Premium and Ultimate affecting versions 16.4.3, 16.5.3, and 16.6.1. In projects using subgroups to define who can push and/or merge to protected branches, there may have been instances in which subgroup members with the Developer role wer...
Gitlab Gitlab 16.4.3
Gitlab Gitlab 16.5.3
Gitlab Gitlab 16.6.1
NA
CVE-2023-0838
An issue has been discovered in GitLab affecting versions starting from 15.1 prior to 15.8.5, 15.9 prior to 15.9.4, and 15.10 prior to 15.10.1. A maintainer could modify a webhook URL to leak masked webhook secrets by adding a new parameter to the url. This addresses an incomplet...
Gitlab Gitlab 15.10.0
Gitlab Gitlab
NA
CVE-2023-3246
An issue has been discovered in GitLab EE/CE affecting all versions starting prior to 16.3.6, all versions starting from 16.4 prior to 16.4.2, all versions starting from 16.5 prior to 16.5.1 which allows an malicious users to block Sidekiq job processor.
Gitlab Gitlab
Gitlab Gitlab 16.5.0
NA
CVE-2023-5825
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.2 prior to 16.3.6, all versions starting from 16.4 prior to 16.4.2, all versions starting from 16.5 prior to 16.5.1. A low-privileged attacker can point a CI/CD Component to an incorrect path and...
Gitlab Gitlab
Gitlab Gitlab 16.5.0
NA
CVE-2023-5831
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.0 prior to 16.3.6, all versions starting from 16.4 prior to 16.4.2, and all versions starting from 16.5.0 prior to 16.5.1 which have the `super_sidebar_logged_out` feature flag enabled. Affected ...
Gitlab Gitlab
Gitlab Gitlab 16.5.0
NA
CVE-2023-0319
An issue has been discovered in GitLab affecting all versions starting from 13.6 prior to 15.8.5, all versions starting from 15.9 prior to 15.9.4, all versions starting from 15.10 prior to 15.10.1, allowing to read environment names supposed to be restricted to project memebers o...
Gitlab Gitlab 15.10.0
Gitlab Gitlab
NA
CVE-2023-0450
An issue has been discovered in GitLab affecting all versions starting from 8.1 to 15.8.5, and from 15.9 to 15.9.4, and from 15.10 to 15.10.1. It was possible to add a branch with an ambiguous name that could be used to social engineer users.
Gitlab Gitlab 15.10.0
Gitlab Gitlab
NA
CVE-2023-4895
An issue has been discovered in GitLab EE affecting all versions starting from 12.0 to 16.7.6, all versions starting from 16.8 prior to 16.8.3, all versions starting from 16.9 prior to 16.9.1. This vulnerability allows for bypassing the 'group ip restriction' settings t...
Gitlab Gitlab
Gitlab Gitlab 16.9.0
NA
CVE-2023-4018
An issue has been discovered in GitLab affecting all versions starting from 16.2 prior to 16.2.5, all versions starting from 16.3 prior to 16.3.1. Due to improper permission validation it was possible to create model experiments in public projects.
Gitlab Gitlab 16.3.0
Gitlab Gitlab
NA
CVE-2022-3572
A cross-site scripting issue has been discovered in GitLab CE/EE affecting all versions from 13.5 before 15.3.5, 15.4 before 15.4.4, and 15.5 before 15.5.2. It was possible to exploit a vulnerability in setting the Jira Connect integration which could lead to a reflected XSS that...
Gitlab Gitlab 15.6.0
Gitlab Gitlab
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30924
CVE-2024-3400
overflow
CVE-2024-23528
CVE-2024-21338
CVE-2024-3818
CVE-2024-23535
NULL pointer dereference
elevation of privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »