gitlab
1,383 tracked vulnerabilities.
CVE-2023-4522
MEDIUM
GitLab < 16.2.0 - Denial of Service via Directory Names with LF Characters
Aug 30, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-4002
MEDIUM
GitLab EE <16.0.8, <16.1.3, <16.2.2 - Info Disclosure
Aug 04, 2023
CVSS 5.3
EPSS 0.00
CVE-2023-4008
MEDIUM
GitLab CE/EE <16.0.8-16.2.2 - Info Disclosure
Aug 03, 2023
CVSS 5.3
EPSS 0.00
CVE-2023-3932
HIGH
GitLab EE <16.0.8-16.2.2 - Privilege Escalation
Aug 03, 2023
CVSS 8.2
EPSS 0.00
CVE-2023-3401
MEDIUM
GitLab < 16.0.8, 16.1-16.1.3, 16.2-16.2.2 - Remote Code Execution via Repository Name
Aug 02, 2023
CVSS 4.8
EPSS 0.00
CVE-2023-2022
MEDIUM
GitLab CE/EE <16.0.8, <16.1.3, <16.2.2 - Info Disclosure
Aug 02, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-4011
MEDIUM
GitLab 15.11-16.2.2 - Denial of Service via Resource Consumption Spike
Aug 02, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-3994
HIGH
GitLab 9.3-16.0.7, 16.1-16.1.2, 16.2-16.2.1 - Regular Expression Denial of Service via ProjectReferenceFilter
Aug 02, 2023
CVSS 7.5
EPSS 0.00
CVE-2023-3993
MEDIUM
GitLab 14.3-16.0.7, 16.1-16.1.2, 16.2-16.2.1 - Sensitive Information Disclosure in Log Files
Aug 02, 2023
CVSS 4.9
EPSS 0.00
CVE-2023-3900
MEDIUM
GitLab 16.1-16.1.3 and 16.2-16.2.2 - Denial of Service via Invalid 'start_sha' Value
Aug 02, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-3500
MEDIUM
GitLab CE/EE <16.0.8-16.1.3-16.2.2 - Reflected XSS
Aug 02, 2023
CVSS 4.8
EPSS 0.00
CVE-2023-3385
MEDIUM
GitLab <16.0.8, <16.1.3, <16.2.2 - Info Disclosure
Aug 02, 2023
CVSS 6.3
EPSS 0.00
CVE-2023-3364
HIGH
GitLab CE/EE <16.0.8-16.1.3-16.2.2 - DoS
Aug 02, 2023
CVSS 7.5
EPSS 0.05
CVE-2023-2164
MEDIUM
GitLab 15.9-16.0.7, 16.1-16.1.2, 16.2-16.2.1 - Stored Cross-Site Scripting via WebIDE Beta URL
Aug 02, 2023
CVSS 5.4
EPSS 0.52
CVE-2023-1210
LOW
GitLab 12.9-16.0.8, 16.1-16.1.3, 16.2-16.2.2 - Email Leak via Error Message
Aug 02, 2023
CVSS 3.1
EPSS 0.00
CVE-2023-0632
MEDIUM
GitLab 15.2-16.0.7, 16.1-16.1.2, 16.2-16.2.1 - Regular Expression Denial of Service via Harbor Registry Search
Aug 02, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-1401
MEDIUM
GitLab DAST Scanner 3.0.29-4.0.5 - Cookie Leak on Redirect
Jul 26, 2023
CVSS 5.0
EPSS 0.00
CVE-2023-3102
MEDIUM
GitLab EE <16.0.6-16.1.1 - Info Disclosure
Jul 21, 2023
CVSS 5.3
EPSS 0.00
CVE-2023-3484
HIGH
GitLab 12.8.0-15.11.10, 16.0.0-16.0.6, 16.1.0-16.1.1 - Incorrect Authorization
Jul 21, 2023
CVSS 8.0
EPSS 0.00
CVE-2023-3444
MEDIUM
GitLab 15.3-15.11.9, 16.0-16.0.5, 16.1 - Incorrect Authorization in Protected Branch Merge
Jul 13, 2023
CVSS 5.7
EPSS 0.00
CVE-2023-3424
HIGH
GitLab 10.3.0-15.11.9, 16.0.0-16.0.5, 16.1.0 - Denial of Service via Preview Markdown Endpoint
Jul 13, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-3363
LOW
GitLab CE/EE <15.11.10, <16.0.6, <16.1.1 - Info Disclosure
Jul 13, 2023
CVSS 3.9
EPSS 0.00
CVE-2023-3362
MEDIUM
GitLab CE/EE <16.0.6 & 16.1.0 - Info Disclosure
Jul 13, 2023
CVSS 5.3
EPSS 0.01
CVE-2023-2620
MEDIUM
GitLab CE/EE <15.11.10, <16.0.6, <16.1.1 - Info Disclosure
Jul 13, 2023
CVSS 5.5
EPSS 0.00
CVE-2023-2576
MEDIUM
GitLab 13.7-15.11.9, 16.0-16.0.5, 16.1 - Incorrect Authorization in CODEOWNERS Rule Removal
Jul 13, 2023
CVSS 4.3
EPSS 0.00