gitlab
1,383 tracked vulnerabilities.
CVE-2023-2200
MEDIUM
GitLab CE/EE <15.11.10, <16.0.6, <16.1.1 - XSS
Jul 13, 2023
CVSS 4.1
EPSS 0.01
CVE-2023-2190
MEDIUM
GitLab CE/EE <15.11.10-16.0.6-16.1.1 - Info Disclosure
Jul 13, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-1936
LOW
GitLab CE/EE <15.11.10/<16.0.6/<16.1.1 - Info Disclosure
Jul 11, 2023
CVSS 3.5
EPSS 0.00
CVE-2023-2232
MEDIUM
GitLab 15.10-16.1 - Denial of Service via Jira Prefix Regular Expression
Jun 28, 2023
CVSS 6.5
EPSS 0.02
CVE-2023-2589
MEDIUM
GitLab 12.0-15.10.7, 15.11-15.11.6, 16.0-16.0.1 - IP Restriction Bypass via Repository Clone
Jun 07, 2023
CVSS 5.9
EPSS 0.00
CVE-2023-2485
MEDIUM
GitLab 14.1-15.10.7, 15.11-15.11.6, 16.0-16.0.1 - Incorrect Privilege Assignment via Project Member Import
Jun 07, 2023
CVSS 4.4
EPSS 0.00
CVE-2023-2199
HIGH
GitLab CE/EE <15.10.8/<16.0.2 - DoS
Jun 07, 2023
CVSS 7.5
EPSS 0.02
CVE-2023-2198
HIGH
GitLab CE/EE <15.10.8/<16.0.2 - DoS
Jun 07, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-2015
MEDIUM
GitLab 15.8-15.10.8, 15.11-15.11.7, 16.0-16.0.2 - Reflected Cross-Site Scripting via Abuse Report Creation
Jun 07, 2023
CVSS 4.4
EPSS 0.08
CVE-2023-2013
LOW
GitLab CE/EE <15.10.8, <15.11.7, <16.0.2 - Info Disclosure
Jun 07, 2023
CVSS 2.6
EPSS 0.00
CVE-2023-2001
MEDIUM
GitLab < 15.10.8, 15.11 < 15.11.7, 16.0 < 16.0.2 - Authentication Bypass by Spoofing via Protected Tag
Jun 07, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-1825
LOW
GitLab EE <15.10.8/<15.11.7/<16.0.2 - Info Disclosure
Jun 07, 2023
CVSS 3.1
EPSS 0.00
CVE-2023-0508
LOW
GitLab 15.4.0-15.10.7, 15.11.0-15.11.6, 16.0.0-16.0.1 - HTTP Response Splitting via NPM Package API
Jun 07, 2023
CVSS 3.1
EPSS 0.04
CVE-2023-0121
MEDIUM
GitLab CE/EE <15.10.8/<16.0.2 - DoS
Jun 07, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-2442
HIGH
GitLab 15.11.0-15.11.6 and 16.0.0-16.0.1 - Stored Cross-Site Scripting via Merge Request
Jun 07, 2023
CVSS 8.7
EPSS 0.84
CVE-2023-1621
MEDIUM
GitLab EE <15.10.5-15.11.1 - Privilege Escalation
Jun 06, 2023
CVSS 6.5
EPSS 0.02
CVE-2023-2132
HIGH
GitLab CE/EE <15.10.8/<15.11.7/<16.0.2 - DoS
Jun 06, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-0921
MEDIUM
GitLab 8.3-15.10.7, 15.11-15.11.6, 16.0-16.0.1 - Authenticated Denial of Service via Large Issue Description
Jun 06, 2023
CVSS 4.3
EPSS 0.21
CVE-2023-2825
CRITICAL
NUCLEI
GitLab Authenticated File Read
May 26, 2023
CVSS 10.0
EPSS 0.93
CVE-2023-2181
MEDIUM
GitLab <15.9.8-15.10.7-15.11.3 - Info Disclosure
May 12, 2023
CVSS 6.3
EPSS 0.02
CVE-2023-2478
CRITICAL
GitLab 15.4-15.9.6, 15.10-15.10.5, 15.11-15.11.1 - Unauthorized Runner Attachment via GraphQL Endpoint
May 08, 2023
CVSS 9.6
EPSS 0.00
CVE-2023-2182
MEDIUM
GitLab EE <15.10.5-15.11.1 - Privilege Escalation
May 03, 2023
CVSS 6.8
EPSS 0.00
CVE-2023-1178
MEDIUM
GitLab 8.6-15.9.5, 15.10-15.10.4, 15.11 - File Integrity Compromise via Tag or Release Reference
May 03, 2023
CVSS 5.7
EPSS 0.09
CVE-2023-0805
MEDIUM
GitLab 15.2-15.9.5, 15.10-15.10.4, 15.11 - Missing Authorization for Banned Group Members
May 03, 2023
CVSS 4.9
EPSS 0.00
CVE-2023-0756
MEDIUM
GitLab <15.9.6, <15.10.5, <15.11.1 - RCE
May 03, 2023
CVSS 4.8
EPSS 0.01