Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gitlab vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2023-4018
An issue has been discovered in GitLab affecting all versions starting from 16.2 prior to 16.2.5, all versions starting from 16.3 prior to 16.3.1. Due to improper permission validation it was possible to create model experiments in public projects.
Gitlab Gitlab 16.3.0
Gitlab Gitlab
9.9
CVSSv3
CVE-2024-0402
An issue has been discovered in GitLab CE/EE affecting all versions from 16.0 before 16.6.6, 16.7 before 16.7.4, and 16.8 before 16.8.1 which allows an authenticated user to write files to arbitrary locations on the GitLab server while creating a workspace.
Gitlab Gitlab 16.8.0
Gitlab Gitlab
1 Github repository
7.7
CVSSv3
CVE-2024-0410
An authorization bypass vulnerability exists in GitLab affecting versions 15.1 before 16.7.6, 16.8 before 16.8.3, and 16.9 before 16.9.1. A developer could bypass CODEOWNERS approvals by creating a merge conflict.
Gitlab Gitlab 16.9.0
Gitlab Gitlab
4.3
CVSSv3
CVE-2022-2243
An access control vulnerability in GitLab EE/CE affecting all versions from 14.8 before 14.10.5, 15.0 before 15.0.4, and 15.1 before 15.1.1, allows authenticated users to enumerate issues in non-linked sentry projects.
Gitlab Gitlab 15.1.0
Gitlab Gitlab
4.3
CVSSv3
CVE-2022-2244
An improper authorization vulnerability in GitLab EE/CE affecting all versions from 14.8 before 14.10.5, 15.0 before 15.0.4, and 15.1 before 15.1.1, allows project memebers with reporter role to manage issues in project's error tracking feature.
Gitlab Gitlab 15.1.0
Gitlab Gitlab
6.1
CVSSv3
CVE-2022-2250
An open redirect vulnerability in GitLab EE/CE affecting all versions from 11.1 before 14.10.5, 15.0 before 15.0.4, and 15.1 before 15.1.1, allows an malicious user to redirect users to an arbitrary location if they trust the URL.
Gitlab Gitlab 15.1.0
Gitlab Gitlab
5.3
CVSSv3
CVE-2022-2270
An issue has been discovered in GitLab affecting all versions starting from 12.4 prior to 14.10.5, all versions starting from 15.0 prior to 15.0.4, all versions starting from 15.1 prior to 15.1.1. GitLab was leaking Conan packages names due to incorrect permissions verification.
Gitlab Gitlab 15.1.0
Gitlab Gitlab
6.1
CVSSv3
CVE-2022-3513
An issue has been discovered in GitLab affecting all versions starting from 12.8 prior to 15.8.5, all versions starting from 15.9 prior to 15.9.4, all versions starting from 15.10 prior to 15.10.1. A specially crafted payload could lead to a reflected XSS on the client side which...
Gitlab Gitlab 15.10.0
Gitlab Gitlab
4.3
CVSSv3
CVE-2023-0120
An issue has been discovered in GitLab affecting all versions starting from 10.0 prior to 16.1.5, all versions starting from 16.2 prior to 16.2.5, all versions starting from 16.3 prior to 16.3.1. Due to improper permission validation it was possible to edit labels description by ...
Gitlab Gitlab 16.3.0
Gitlab Gitlab
5.3
CVSSv3
CVE-2023-5612
An issue has been discovered in GitLab affecting all versions prior to 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1. It was possible to read the user email address via tags feed although the visibility in the user profile has been disabled.
Gitlab Gitlab 16.8.0
Gitlab Gitlab
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
injection
CVE-2024-30983
CVE-2023-4235
CVE-2024-21338
privilege
encryption
CVE-2023-4232
CVE-2024-31497
CVE-2024-32341
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
10
NEXT »