Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gitlab gitlab 16.4.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-5106
An issue has been discovered in Ultimate-licensed GitLab EE affecting all versions starting 13.12 before 16.2.8, 16.3.0 before 16.3.5, and 16.4.0 before 16.4.1 that could allow an malicious user to impersonate users in CI pipelines through direct transfer group imports.
Gitlab Gitlab
Gitlab Gitlab 16.4.0
NA
CVE-2023-3115
An issue has been discovered in GitLab EE affecting all versions affecting all versions from 11.11 before 16.2.8, 16.3 before 16.3.5, and 16.4 before 16.4.1. Single Sign On restrictions were not correctly enforced for indirect project members accessing public members-only project...
Gitlab Gitlab
Gitlab Gitlab 16.4.0
NA
CVE-2023-3979
An issue has been discovered in GitLab affecting all versions starting from 10.6 prior to 16.2.8, all versions starting from 16.3 prior to 16.3.5, all versions starting from 16.4 prior to 16.4.1. It was possible that upstream members to collaborate with you on your branch get per...
Gitlab Gitlab
Gitlab Gitlab 16.4.0
NA
CVE-2023-4379
An issue has been discovered in GitLab EE affecting all versions starting from 15.3 before 16.2.8, 16.3 before 16.3.5, and 16.4 before 16.4.1. Code owner approval was not removed from merge requests when the target branch was updated.
Gitlab Gitlab
Gitlab Gitlab 16.4.0
NA
CVE-2023-2233
An improper authorization issue has been discovered in GitLab CE/EE affecting all versions starting from 11.8 prior to 16.2.8, all versions starting from 16.3 prior to 16.3.5 and all versions starting from 16.4 prior to 16.4.1. It allows a project reporter to leak the owner'...
Gitlab Gitlab
Gitlab Gitlab 16.4.0
NA
CVE-2023-0989
An information disclosure issue in GitLab CE/EE affecting all versions starting from 13.11 before 16.2.8, 16.3 before 16.3.5, and 16.4 before 16.4.1 allows an malicious user to extract non-protected CI/CD variables by tricking a user to visit a fork with a malicious CI/CD configu...
Gitlab Gitlab
Gitlab Gitlab 16.4.0
NA
CVE-2023-3413
An issue has been discovered in GitLab affecting all versions starting from 16.2 prior to 16.2.8, all versions starting from 16.3 prior to 16.3.5, all versions starting from 16.4 prior to 16.4.1. It was possible to read the source code of a project through a fork created before c...
Gitlab Gitlab
Gitlab Gitlab 16.4.0
NA
CVE-2023-4532
An issue has been discovered in GitLab affecting all versions starting from 16.2 prior to 16.2.8, all versions starting from 16.3 prior to 16.3.5, all versions starting from 16.4 prior to 16.4.1. Users were capable of linking CI/CD jobs of private projects which they are not a me...
Gitlab Gitlab
Gitlab Gitlab 16.4.0
NA
CVE-2023-5198
An issue has been discovered in GitLab affecting all versions prior to 16.2.7, all versions starting from 16.3 prior to 16.3.5, and all versions starting from 16.4 prior to 16.4.1. It was possible for a removed project member to write to protected branches using deploy keys.
Gitlab Gitlab
Gitlab Gitlab 16.4.0
NA
CVE-2023-5207
A vulnerability exists in GitLab CE and EE affecting all versions starting 16.0 before 16.2.8, 16.3 before 16.3.5, and 16.4 before 16.4.1. An authenticated attacker could perform arbitrary pipeline execution under the context of another user.
Gitlab Gitlab
Gitlab Gitlab 16.4.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »