gitlab
1,383 tracked vulnerabilities.
CVE-2023-2069
MEDIUM
GitLab 10.0-12.9.7, 12.10-12.10.6, 13.0 - Authenticated CI/CD Variable Exposure via Project Import
May 03, 2023
CVSS 6.4
EPSS 0.01
CVE-2023-1965
MEDIUM
GitLab EE <15.9.6, <15.10.5, <15.11.1 - Open Redirect
May 03, 2023
CVSS 6.8
EPSS 0.00
CVE-2023-1836
MEDIUM
GitLab <15.9.6-15.10.5-15.11.1 - XSS
May 03, 2023
CVSS 4.4
EPSS 0.02
CVE-2023-1265
MEDIUM
GitLab <15.9.6-15.11.1 - Info Disclosure
May 03, 2023
CVSS 5.4
EPSS 0.00
CVE-2023-1204
MEDIUM
GitLab 10.1-15.10.7, 15.11-15.11.6, 16.0-16.0.1 - Cryptographic Signature Verification Bypass
May 03, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-0485
MEDIUM
GitLab 13.11-15.8.4, 15.9-15.9.3, 15.10 - Unauthorized Project Update Access via Fork Diff
May 03, 2023
CVSS 6.5
EPSS 0.02
CVE-2023-0155
MEDIUM
GitLab CE/EE <15.8.5-15.10.1 - Open Redirect
May 03, 2023
CVSS 5.4
EPSS 0.00
CVE-2023-1787
MEDIUM
GitLab <15.9.4-15.10.1 - Info Disclosure
Apr 05, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-1710
MEDIUM
GitLab <15.8.5, <15.9.4, <15.10.1 - Info Disclosure
Apr 05, 2023
CVSS 5.3
EPSS 0.03
CVE-2023-1708
MEDIUM
GitLab CE/EE <15.8.5-15.10.1 - Code Injection
Apr 05, 2023
CVSS 5.7
EPSS 0.05
CVE-2023-1417
MEDIUM
GitLab <15.9.4-15.10.1 - Info Disclosure
Apr 05, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-1167
MEDIUM
GitLab 12.3.0-15.8.4, 15.9.0-15.9.3, 15.10.0 - Unauthenticated Security Report Access in Merge Requests
Apr 05, 2023
CVSS 5.3
EPSS 0.00
CVE-2023-1071
LOW
GitLab 15.5-15.8.4, 15.9-15.9.3, 15.10 - Unauthenticated Issue Removal from Epic via Improper Permissions Check
Apr 05, 2023
CVSS 3.1
EPSS 0.00
CVE-2023-0838
MEDIUM
GitLab 15.1-15.8.4, 15.9-15.9.3, 15.10 - Authenticated Webhook Secret Exposure via URL Parameter Injection
Apr 05, 2023
CVSS 5.5
EPSS 0.01
CVE-2023-0450
LOW
GitLab <15.8.5, 15.9-15.9.4, 15.10-15.10.1 - CSRF
Apr 05, 2023
CVSS 3.7
EPSS 0.02
CVE-2023-1733
MEDIUM
GitLab 11.10-15.8.5, 15.9-15.9.4, 15.10-15.10.1 - Denial of Service in Prometheus Server
Apr 05, 2023
CVSS 5.8
EPSS 0.02
CVE-2023-1098
MEDIUM
GitLab 11.5-15.8.4, 15.9-15.9.3, 15.10 - Information Disclosure via Repository Mirror Configuration
Apr 05, 2023
CVSS 5.8
EPSS 0.00
CVE-2023-0523
MEDIUM
GitLab 15.6-15.7.6, 15.9-15.9.3, 15.10 - Cross-Site Scripting via Malicious Email Address
Apr 05, 2023
CVSS 5.4
EPSS 0.22
CVE-2023-0319
MEDIUM
GitLab <15.8.5-15.9.4-15.10.1 - Info Disclosure
Apr 05, 2023
CVSS 5.8
EPSS 0.01
CVE-2023-0326
MEDIUM
GitLab DAST API Scanner 1.6.50-2.10.9 - Authorization Header Leak in Vulnerability Report Evidence
Mar 27, 2023
CVSS 5.0
EPSS 0.00
CVE-2023-1072
MEDIUM
GitLab 9.0-15.7.7, 15.8-15.8.3, 15.9-15.9.1 - Uncontrolled Resource Consumption via Commit Details Request
Mar 09, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-0050
HIGH
GitLab 13.7-15.7.7, 15.8-15.8.3, 15.9-15.9.1 - Stored Cross-Site Scripting via Kroki Diagram
Mar 09, 2023
CVSS 8.7
EPSS 0.57
CVE-2023-0223
MEDIUM
GitLab <15.7.8-15.9.2 - Info Disclosure
Mar 09, 2023
CVSS 5.3
EPSS 0.02
CVE-2023-1084
LOW
GitLab CE/EE <15.7.8, <15.8.4, <15.9.2 - Privilege Escalation
Mar 09, 2023
CVSS 2.7
EPSS 0.03
CVE-2023-0483
MEDIUM
GitLab <15.7.8-15.9.2 - Info Disclosure
Mar 09, 2023
CVSS 5.5
EPSS 0.00