gitlab
1,423 tracked vulnerabilities.
CVE-2023-3115
MEDIUM
GitLab EE <16.2.8-16.4.1 - Info Disclosure
Sep 29, 2023
CVSS 5.4
EPSS 0.00
CVE-2023-2233
LOW
GitLab 11.8-16.2.7, 16.3-16.3.4, 16.4 - Missing Authorization for Sentry Project Leak
Sep 29, 2023
CVSS 3.1
EPSS 0.00
CVE-2023-0989
MEDIUM
GitLab 13.11-16.2.7, 16.3-16.3.4, 16.4-16.4.0 - Information Disclosure via Malicious CI/CD Configuration
Sep 29, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-5009
HIGH
GitLab 13.12-16.2.6 and 16.3-16.3.3 - Incorrect Authorization via Scheduled Security Scan Policies
Sep 19, 2023
CVSS 8.2
EPSS 0.08
CVE-2023-4630
MEDIUM
GitLab <16.1.5-16.2.5-16.3.1 - Info Disclosure
Sep 11, 2023
CVSS 5.0
EPSS 0.00
CVE-2023-4647
MEDIUM
GitLab 15.2-16.1.4, 16.2-16.2.4, 16.3 - Denial of Service via Projects API Pagination Bypass
Sep 01, 2023
CVSS 5.3
EPSS 0.01
CVE-2023-4378
MEDIUM
GitLab CE/EE <16.1.5, <16.2.5, <16.3.1 - Info Disclosure
Sep 01, 2023
CVSS 5.5
EPSS 0.00
CVE-2023-4018
MEDIUM
GitLab <16.2.5-16.3.1 - Info Disclosure
Sep 01, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-3950
MEDIUM
GitLab 16.2-16.2.5, 16.3-16.3.1 - Unauthenticated Cleartext Storage of Sensitive Information in Google Cloud Logging
Sep 01, 2023
CVSS 5.5
EPSS 0.00
CVE-2023-3915
MEDIUM
GitLab EE <16.1.5-16.3.1 - Privilege Escalation
Sep 01, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-3210
MEDIUM
GitLab 15.11-16.1.4, 16.2-16.2.4, 16.3 - Authenticated Denial of Service via Malicious Content Import/Clone
Sep 01, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-3205
MEDIUM
GitLab 15.11-16.1.4, 16.2-16.2.4, 16.3 - Authenticated Denial of Service via Malicious Content Import/Clone
Sep 01, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-1555
LOW
GitLab <16.1.5-16.2.5-16.3.1 - Info Disclosure
Sep 01, 2023
CVSS 2.7
EPSS 0.00
CVE-2023-1279
LOW
GitLab 4.1.0-16.1.4, 16.2.0-16.2.4, 16.3.0 - Open Redirect via Project URL
Sep 01, 2023
CVSS 2.6
EPSS 0.00
CVE-2023-0120
LOW
GitLab <16.1.5-16.3.1 - Info Disclosure
Sep 01, 2023
CVSS 3.5
EPSS 0.00
CVE-2023-4522
MEDIUM
GitLab < 16.2.0 - Denial of Service via Directory Names with LF Characters
Aug 30, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-4002
MEDIUM
GitLab EE <16.0.8, <16.1.3, <16.2.2 - Info Disclosure
Aug 04, 2023
CVSS 5.3
EPSS 0.00
CVE-2023-4008
MEDIUM
GitLab CE/EE <16.0.8-16.2.2 - Info Disclosure
Aug 03, 2023
CVSS 5.3
EPSS 0.01
CVE-2023-3932
HIGH
GitLab EE <16.0.8-16.2.2 - Privilege Escalation
Aug 03, 2023
CVSS 8.2
EPSS 0.01
CVE-2023-3401
MEDIUM
GitLab < 16.0.8, 16.1-16.1.3, 16.2-16.2.2 - Remote Code Execution via Repository Name
Aug 02, 2023
CVSS 4.8
EPSS 0.00
CVE-2023-2022
MEDIUM
GitLab CE/EE <16.0.8, <16.1.3, <16.2.2 - Info Disclosure
Aug 02, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-4011
MEDIUM
GitLab 15.11-16.2.2 - Denial of Service via Resource Consumption Spike
Aug 02, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-3994
HIGH
GitLab 9.3-16.0.7, 16.1-16.1.2, 16.2-16.2.1 - Regular Expression Denial of Service via ProjectReferenceFilter
Aug 02, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-3993
MEDIUM
GitLab 14.3-16.0.7, 16.1-16.1.2, 16.2-16.2.1 - Sensitive Information Disclosure in Log Files
Aug 02, 2023
CVSS 4.9
EPSS 0.01
CVE-2023-3900
MEDIUM
GitLab 16.1-16.1.3 and 16.2-16.2.2 - Denial of Service via Invalid 'start_sha' Value
Aug 02, 2023
CVSS 4.3
EPSS 0.01