Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gitlab gitlab vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv3
CVE-2020-13333
A potential DOS vulnerability exists in GitLab versions 13.1, 13.2 and 13.3. The api to update an asset as a link from a release had a regex check which caused exponential number of backtracks for certain user supplied values resulting in high CPU usage.
Gitlab Gitlab 13.1.0
Gitlab Gitlab 13.2.0
Gitlab Gitlab 13.3.0
4.3
CVSSv3
CVE-2023-3979
An issue has been discovered in GitLab affecting all versions starting from 10.6 prior to 16.2.8, all versions starting from 16.3 prior to 16.3.5, all versions starting from 16.4 prior to 16.4.1. It was possible that upstream members to collaborate with you on your branch get per...
Gitlab Gitlab
Gitlab Gitlab 16.4.0
6.7
CVSSv3
CVE-2023-6477
An issue has been discovered in GitLab EE affecting all versions starting from 16.5 prior to 16.7.6, all versions starting from 16.8 prior to 16.8.3, all versions starting from 16.9 prior to 16.9.1. When a user is assigned a custom role with admin_group_member permission, they ma...
Gitlab Gitlab
Gitlab Gitlab 16.9.0
6.5
CVSSv3
CVE-2023-4912
An issue has been discovered in GitLab EE affecting all versions starting from 10.5 prior to 16.4.3, all versions starting from 16.5 prior to 16.5.3, all versions starting from 16.6 prior to 16.6.1. It was possible for an malicious user to cause a client-side denial of service us...
Gitlab Gitlab
Gitlab Gitlab 16.6.0
4.3
CVSSv3
CVE-2023-3246
An issue has been discovered in GitLab EE/CE affecting all versions starting prior to 16.3.6, all versions starting from 16.4 prior to 16.4.2, all versions starting from 16.5 prior to 16.5.1 which allows an malicious users to block Sidekiq job processor.
Gitlab Gitlab
Gitlab Gitlab 16.5.0
4.3
CVSSv3
CVE-2023-4378
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.8 prior to 16.1.5, all versions starting from 16.2 prior to 16.2.5, all versions starting from 16.3 prior to 16.3.1. A malicious Maintainer can, under specific circumstances, leak the sentry toke...
Gitlab Gitlab 16.3.0
Gitlab Gitlab
7.5
CVSSv3
CVE-2023-4379
An issue has been discovered in GitLab EE affecting all versions starting from 15.3 before 16.2.8, 16.3 before 16.3.5, and 16.4 before 16.4.1. Code owner approval was not removed from merge requests when the target branch was updated.
Gitlab Gitlab
Gitlab Gitlab 16.4.0
9.9
CVSSv3
CVE-2024-0402
An issue has been discovered in GitLab CE/EE affecting all versions from 16.0 before 16.6.6, 16.7 before 16.7.4, and 16.8 before 16.8.1 which allows an authenticated user to write files to arbitrary locations on the GitLab server while creating a workspace.
Gitlab Gitlab 16.8.0
Gitlab Gitlab
1 Github repository
7.7
CVSSv3
CVE-2024-0410
An authorization bypass vulnerability exists in GitLab affecting versions 15.1 before 16.7.6, 16.8 before 16.8.3, and 16.9 before 16.9.1. A developer could bypass CODEOWNERS approvals by creating a merge conflict.
Gitlab Gitlab 16.9.0
Gitlab Gitlab
4.3
CVSSv3
CVE-2024-0456
An authorization vulnerability exists in GitLab versions 14.0 before 16.6.6, 16.7 before 16.7.4, and 16.8 before 16.8.1. An unauthorized attacker is able to assign arbitrary users to MRs that they created within the project
Gitlab Gitlab 16.8.0
Gitlab Gitlab
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »