gitlab

1,383 tracked vulnerabilities.

CVE-2023-5207 HIGH
GitLab CE/EE <16.2.8-16.4.1 - Authenticated RCE
Sep 30, 2023
CVSS 8.2
EPSS 0.00
CVE-2023-3413 MEDIUM
GitLab <16.2.8-16.4.1 - Info Disclosure
Sep 29, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-5198 MEDIUM
GitLab <16.2.7, <16.3.5, <16.4.1 - Info Disclosure
Sep 29, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-3922 LOW
GitLab 8.15-16.2.7, 16.3-16.3.4, 16.4 - Open Redirect via UI Link Hijacking
Sep 29, 2023
CVSS 3.0
EPSS 0.00
CVE-2023-4532 MEDIUM
GitLab <16.2.8-16.4.1 - Info Disclosure
Sep 29, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-3979 LOW
GitLab 10.6-16.2.7, 16.3-16.3.4, 16.4 - Incorrect Authorization in Merge Request Source Branch
Sep 29, 2023
CVSS 3.1
EPSS 0.00
CVE-2023-3920 MEDIUM
GitLab 11.2-16.2.7, 16.3-16.3.4, 16.4 - Incorrect Authorization
Sep 29, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-3917 MEDIUM
GitLab < 16.2.8, 16.3 < 16.3.5, 16.4 < 16.4.1 - Denial of Service in Pipelines
Sep 29, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-3914 MEDIUM
GitLab EE <16.2.8, <16.3.5, <16.4.1 - Info Disclosure
Sep 29, 2023
CVSS 5.4
EPSS 0.00
CVE-2023-3906 LOW
GitLab EE <16.2.8-16.4.1 - Auth Bypass
Sep 29, 2023
CVSS 3.5
EPSS 0.00
CVE-2023-3115 MEDIUM
GitLab EE <16.2.8-16.4.1 - Info Disclosure
Sep 29, 2023
CVSS 5.4
EPSS 0.00
CVE-2023-2233 LOW
GitLab 11.8-16.2.7, 16.3-16.3.4, 16.4 - Missing Authorization for Sentry Project Leak
Sep 29, 2023
CVSS 3.1
EPSS 0.00
CVE-2023-0989 MEDIUM
GitLab 13.11-16.2.7, 16.3-16.3.4, 16.4-16.4.0 - Information Disclosure via Malicious CI/CD Configuration
Sep 29, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-5009 HIGH
GitLab 13.12-16.2.6 and 16.3-16.3.3 - Incorrect Authorization via Scheduled Security Scan Policies
Sep 19, 2023
CVSS 8.2
EPSS 0.00
CVE-2023-4630 MEDIUM
GitLab <16.1.5-16.2.5-16.3.1 - Info Disclosure
Sep 11, 2023
CVSS 5.0
EPSS 0.00
CVE-2023-4647 MEDIUM
GitLab 15.2-16.1.4, 16.2-16.2.4, 16.3 - Denial of Service via Projects API Pagination Bypass
Sep 01, 2023
CVSS 5.3
EPSS 0.00
CVE-2023-4378 MEDIUM
GitLab CE/EE <16.1.5, <16.2.5, <16.3.1 - Info Disclosure
Sep 01, 2023
CVSS 5.5
EPSS 0.00
CVE-2023-4018 MEDIUM
GitLab <16.2.5-16.3.1 - Info Disclosure
Sep 01, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-3950 MEDIUM
GitLab 16.2-16.2.5, 16.3-16.3.1 - Unauthenticated Cleartext Storage of Sensitive Information in Google Cloud Logging
Sep 01, 2023
CVSS 5.5
EPSS 0.00
CVE-2023-3915 MEDIUM
GitLab EE <16.1.5-16.3.1 - Privilege Escalation
Sep 01, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-3210 MEDIUM
GitLab 15.11-16.1.4, 16.2-16.2.4, 16.3 - Authenticated Denial of Service via Malicious Content Import/Clone
Sep 01, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-3205 MEDIUM
GitLab 15.11-16.1.4, 16.2-16.2.4, 16.3 - Authenticated Denial of Service via Malicious Content Import/Clone
Sep 01, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-1555 LOW
GitLab <16.1.5-16.2.5-16.3.1 - Info Disclosure
Sep 01, 2023
CVSS 2.7
EPSS 0.00
CVE-2023-1279 LOW
GitLab 4.1.0-16.1.4, 16.2.0-16.2.4, 16.3.0 - Open Redirect via Project URL
Sep 01, 2023
CVSS 2.6
EPSS 0.00
CVE-2023-0120 LOW
GitLab <16.1.5-16.3.1 - Info Disclosure
Sep 01, 2023
CVSS 3.5
EPSS 0.00
Products
gitlab 1,368 GitLab 108 gitlab-shell 5 dynamic_application_security_testing_analyzer 4 runner 3 gitlab-vscode-extension 2 GitLab AI Gateway 1 dast_api_scanner 1 gitaly 1 gitlab_runner 1 language_server 1 omnibus 1
Quick Filters
Critical CVEs With Exploits In CISA KEV