Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / gitlab

gitlab

1,383 tracked vulnerabilities.

CVE-2024-9164 CRITICAL

GitLab 12.5.0-17.2.8, 17.3.0-17.3.4, 17.4.0-17.4.1 - Unauthenticated Pipeline Execution on Arbitrary Branches

CVE-2024-8970 HIGH

GitLab 11.6-17.2.8, 17.3-17.3.4, 17.4-17.4.1 - Incorrect Authorization

CVE-2024-5005 MEDIUM

GitLab EE/CE <17.2.9-17.4.2 - Info Disclosure

CVE-2024-6530 HIGH

GitLab <17.2.9/<17.3.5/<17.4.2 - XSS

CVE-2024-9623 MEDIUM

GitLab 8.16-17.2.8, 17.3-17.3.4, 17.4-17.4.1 - Incorrect Authorization for Deploy Key Push to Archived Repository

CVE-2024-9596 LOW

GitLab EE <17.2.9, <17.3.5, <17.4.2 - Info Disclosure

CVE-2024-8977 HIGH

GitLab 15.10-17.2.8, 17.3-17.3.4, 17.4-17.4.1 - Server-Side Request Forgery via Product Analytics Dashboard

CVE-2024-8974 LOW

GitLab 15.6-17.2.7, 17.3-17.3.3, 17.4-17.4.0 - Unauthenticated Private Project Path Disclosure

CVE-2024-4099 LOW

GitLab EE <17.2.8-17.3.4-17.4.1 - Info Disclosure

CVE-2024-4278 MEDIUM

GitLab EE <17.2.8, <17.3.4, <17.4.1 - Info Disclosure

CVE-2024-6685 LOW

GitLab CE/EE <17.1.7-17.3.2 - Info Disclosure

CVE-2024-4283 MEDIUM

GitLab EE <17.1.7-17.3.2 - Open Redirect

CVE-2024-8641 MEDIUM

GitLab CE/EE <17.1.7-17.2.5-17.3.2 - Info Disclosure

CVE-2024-8311 MEDIUM

GitLab EE <17.2.5-17.3.2 - Auth Bypass

CVE-2024-6678 CRITICAL

GitLab CE/EE <17.1.7-17.3.2 - Privilege Escalation

CVE-2024-4472 MEDIUM

GitLab CE/EE <17.1.7-17.2.5-17.3.2 - Info Disclosure

CVE-2024-8754 MEDIUM

GitLab EE/CE <17.1.7-17.3.2 - Info Disclosure

CVE-2024-8640 HIGH

GitLab EE <17.1.7-17.3.2 - Command Injection

CVE-2024-8635 HIGH

GitLab 16.8-17.1.6, 17.2-17.2.4, 17.3-17.3.1 - Server-Side Request Forgery via Maven Dependency Proxy URL

CVE-2024-8631 MEDIUM

GitLab 16.6-17.1.6, 17.2-17.2.4, 17.3-17.3.1 - Privilege Escalation via Admin Group Member Role

CVE-2024-8124 HIGH

GitLab 16.4-17.1.6, 17.2-17.2.4, 17.3-17.3.1 - Denial of Service via POST Request

CVE-2024-6446 LOW

GitLab <17.1.7-17.2.5-17.3.2 - CSRF

CVE-2024-6389 MEDIUM

GitLab-CE/EE <17.1.7, <17.2.5, <17.3.2 - Info Disclosure

CVE-2024-5435 MEDIUM

GitLab 15.10.0-17.1.6, 17.2.0-17.2.4, 17.3.0-17.3.1 - Sensitive Information Disclosure

CVE-2024-4660 MEDIUM

GitLab 11.2.0-17.1.6, 17.2.0-17.2.4, 17.3.0-17.3.1 - Private Project Source Code Exposure via Group Templates

Previous Page 13 of 56 Next

Products

gitlab 1,368 GitLab 108 gitlab-shell 5 dynamic_application_security_testing_analyzer 4 runner 3 gitlab-vscode-extension 2 GitLab AI Gateway 1 dast_api_scanner 1 gitaly 1 gitlab_runner 1 language_server 1 omnibus 1

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy