Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gitlab gitlab vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv3
CVE-2023-0450
An issue has been discovered in GitLab affecting all versions starting from 8.1 to 15.8.5, and from 15.9 to 15.9.4, and from 15.10 to 15.10.1. It was possible to add a branch with an ambiguous name that could be used to social engineer users.
Gitlab Gitlab 15.10.0
Gitlab Gitlab
6.4
CVSSv3
CVE-2022-2497
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.6 prior to 15.0.5, all versions starting from 15.1 prior to 15.1.4, all versions starting from 15.2 prior to 15.2.1. A malicious developer could exfiltrate an integration's access token by m...
Gitlab Gitlab
Gitlab Gitlab 15.2
7.5
CVSSv3
CVE-2022-2498
An issue in pipeline subscriptions in GitLab EE affecting all versions from 12.8 before 15.0.5, 15.1 before 15.1.4, and 15.2 before 15.2.1 triggered new pipelines with the person who created the tag as the pipeline creator instead of the subscription's author.
Gitlab Gitlab
Gitlab Gitlab 15.2
7.5
CVSSv3
CVE-2022-2501
An improper access control issue in GitLab EE affecting all versions from 12.0 before 15.0.5, 15.1 before 15.1.4, and 15.2 before 15.2.1 allows an malicious user to bypass IP allow-listing and download artifacts. This attack only bypasses IP allow-listing, proper permissions are ...
Gitlab Gitlab
Gitlab Gitlab 15.2
5.3
CVSSv3
CVE-2022-2534
An issue has been discovered in GitLab CE/EE affecting all versions starting from 9.3 prior to 15.0.5, all versions starting from 15.1 prior to 15.1.4, all versions starting from 15.2 prior to 15.2.1. GitLab was returning contributor emails due to improper data handling in the Da...
Gitlab Gitlab
Gitlab Gitlab 15.2
5.3
CVSSv3
CVE-2022-2539
An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.6 before 15.0.5, 15.1 before 15.1.4, and 15.2 before 15.2.1, allowed a project member to filter issues by contact and organization.
Gitlab Gitlab
Gitlab Gitlab 15.2
6.1
CVSSv3
CVE-2022-0283
An issue has been discovered affecting GitLab versions before 13.5. An open redirect vulnerability was fixed in GitLab integration with Jira that a could cause the web application to redirect the request to the attacker specified URL.
Gitlab Gitlab
Gitlab Gitlab 14.7
4.9
CVSSv3
CVE-2022-0477
An issue has been discovered in GitLab affecting all versions starting from 11.9 prior to 14.5.4, all versions starting from 14.6.0 prior to 14.6.4, all versions starting from 14.7.0 prior to 14.7.1. GitLab was not correctly handling bulk requests to delete existing packages from...
Gitlab Gitlab
Gitlab Gitlab 14.7.0
4.3
CVSSv3
CVE-2023-5198
An issue has been discovered in GitLab affecting all versions prior to 16.2.7, all versions starting from 16.3 prior to 16.3.5, and all versions starting from 16.4 prior to 16.4.1. It was possible for a removed project member to write to protected branches using deploy keys.
Gitlab Gitlab
Gitlab Gitlab 16.4.0
7.5
CVSSv3
CVE-2023-5226
An issue has been discovered in GitLab affecting all versions prior to 16.4.3, all versions starting from 16.5 prior to 16.5.3, all versions starting from 16.6 prior to 16.6.1. Under certain circumstances, a malicious actor bypass prohibited branch checks using a specially crafte...
Gitlab Gitlab
Gitlab Gitlab 16.6.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4651
CVE-2024-34255
elevation of privilege
CVE-2024-25529
CVE-2024-4671
NULL pointer dereference
CVE-2024-25527
template injection
CVE-2008-0166
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »