gitlab

1,383 tracked vulnerabilities.

CVE-2023-0518 MEDIUM
GitLab 14.0-15.6.6, 15.7-15.7.5, 15.8 - Denial of Service via Malicious Helm Chart Upload
Feb 13, 2023
CVSS 4.3
EPSS 0.02

CVE-2023-0042 MEDIUM
GitLab CE/EE <15.5.7-15.7.2 - Open Redirect
Jan 12, 2023
CVSS 6.1
EPSS 0.00

CVE-2022-4343 MEDIUM
GitLab EE <16.1.5-16.3.1 - Info Disclosure
Sep 01, 2023
CVSS 5.0
EPSS 0.00

CVE-2022-4143 MEDIUM
GitLab 15.7-15.8.4, 15.9-15.9.3, 15.10 - Unauthenticated Time-of-check Time-of-use Race Condition
Jun 28, 2023
CVSS 6.4
EPSS 0.00

CVE-2022-4376 LOW
GitLab <15.9.6, <15.10.5, <15.11.1 - Info Disclosure
May 03, 2023
CVSS 3.1
EPSS 0.01

CVE-2022-3513 MEDIUM
GitLab <15.8.5, <15.9.4, <15.10.1 - XSS
Apr 05, 2023
CVSS 6.1
EPSS 0.28

CVE-2022-3375 LOW
GitLab <15.8.5-15.10.1 - Info Disclosure
Apr 05, 2023
CVSS 3.1
EPSS 0.01

CVE-2022-3767 HIGH
GitLab Dynamic Application Security Testing Analyzer 1.11.0-3.0.32 - Improper Input Validation in Custom Request Headers
Mar 09, 2023
CVSS 7.7
EPSS 0.00

CVE-2022-3758 MEDIUM
GitLab 15.5.0-15.7.7, 15.8.0-15.8.3, 15.9.0-15.9.1 - Unauthenticated Private Snippet Access via Improper Permissions
Mar 09, 2023
CVSS 5.4
EPSS 0.00

CVE-2022-4331 MEDIUM
GitLab EE <15.7.8-<15.9.2 - Privilege Escalation
Mar 09, 2023
CVSS 5.7
EPSS 0.00

CVE-2022-4289 MEDIUM
GitLab <15.7.8-15.9.2 - Info Disclosure
Mar 09, 2023
CVSS 6.4
EPSS 0.03

CVE-2022-3381 MEDIUM
GitLab <15.7.8-15.9.2 - Open Redirect
Mar 09, 2023
CVSS 4.3
EPSS 0.01

CVE-2022-4462 MEDIUM
GitLab <15.7.8-15.9.2 - Info Disclosure
Mar 09, 2023
CVSS 5.0
EPSS 0.00

CVE-2022-4317 MEDIUM
GitLab DAST analyzer <3.0.51 - SSRF
Mar 09, 2023
CVSS 5.0
EPSS 0.00

CVE-2022-4315 MEDIUM
GitLab DAST Analyzer 2.0-3.0.54 - Incorrect Authorization via Custom Request Headers
Mar 08, 2023
CVSS 5.0
EPSS 0.00

CVE-2022-4007 MEDIUM
GitLab 15.3-15.7.8, 15.8-15.8.4, 15.9-15.9.2 - Stored Cross-Site Scripting in Work Item Title Field
Mar 08, 2023
CVSS 5.4
EPSS 0.01

CVE-2022-4138 MEDIUM
GitLab < 15.6.7, 15.7-15.7.6, 15.8-15.8.1 - Cross-Site Request Forgery
Feb 13, 2023
CVSS 6.4
EPSS 0.00

CVE-2022-3759 MEDIUM
GitLab 14.3-15.6.6, 15.7-15.7.5, 15.8 - Denial of Service via Crafted CI Job Artifact Zip File
Feb 13, 2023
CVSS 4.3
EPSS 0.02

CVE-2022-3411 MEDIUM
GitLab 12.4-15.6.6, 15.7-15.7.5, 15.8-15.8.0 - Authenticated Denial of Service via Large Issue Description
Feb 13, 2023
CVSS 6.5
EPSS 0.02

CVE-2022-4206 MEDIUM
GitLab DAST API Scanner 1.6.50-2.0.101 - Exposure of Sensitive Information via Authorization Header
Feb 01, 2023
CVSS 5.0
EPSS 0.00

CVE-2022-4255 MEDIUM
GitLab EE <15.4.6, <15.5.5, <15.6.1 - Info Disclosure
Jan 27, 2023
CVSS 4.3
EPSS 0.00

CVE-2022-4205 MEDIUM
GitLab < 15.6.1, 15.5.5, 15.4.6 - Type Confusion via Hexadecimal Branch Name
Jan 27, 2023
CVSS 6.3
EPSS 0.00

CVE-2022-4201 LOW
GitLab 11.3-15.4.5, 15.5-15.5.4, 15.6-15.6.0 - Server-Side Request Forgery via GitLab Runner Configuration
Jan 27, 2023
CVSS 3.5
EPSS 0.00

CVE-2022-4335 MEDIUM
GitLab < 15.4.6, 15.5 < 15.5.5, 15.6 < 15.6.1 - Server-Side Request Forgery
Jan 27, 2023
CVSS 4.3
EPSS 0.00

CVE-2022-4092 MEDIUM
GitLab EE <15.6.1 - Info Disclosure
Jan 26, 2023
CVSS 5.7
EPSS 0.05