gitlab

1,423 tracked vulnerabilities.

CVE-2023-1417 MEDIUM
GitLab <15.9.4-15.10.1 - Info Disclosure
Apr 05, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-1167 MEDIUM
GitLab 12.3.0-15.8.4, 15.9.0-15.9.3, 15.10.0 - Unauthenticated Security Report Access in Merge Requests
Apr 05, 2023
CVSS 5.3
EPSS 0.01
CVE-2023-1071 LOW
GitLab 15.5-15.8.4, 15.9-15.9.3, 15.10 - Unauthenticated Issue Removal from Epic via Improper Permissions Check
Apr 05, 2023
CVSS 3.1
EPSS 0.00
CVE-2023-0838 MEDIUM
GitLab 15.1-15.8.4, 15.9-15.9.3, 15.10 - Authenticated Webhook Secret Exposure via URL Parameter Injection
Apr 05, 2023
CVSS 5.5
EPSS 0.01
CVE-2023-0450 LOW
GitLab <15.8.5, 15.9-15.9.4, 15.10-15.10.1 - CSRF
Apr 05, 2023
CVSS 3.7
EPSS 0.01
CVE-2023-1733 MEDIUM
GitLab 11.10-15.8.5, 15.9-15.9.4, 15.10-15.10.1 - Denial of Service in Prometheus Server
Apr 05, 2023
CVSS 5.8
EPSS 0.01
CVE-2023-1098 MEDIUM
GitLab 11.5-15.8.4, 15.9-15.9.3, 15.10 - Information Disclosure via Repository Mirror Configuration
Apr 05, 2023
CVSS 5.8
EPSS 0.01
CVE-2023-0523 MEDIUM
GitLab 15.6-15.7.6 15.9-15.9.3 15.10 - Cross-Site Scripting via Malicious Email Address
Apr 05, 2023
CVSS 5.4
EPSS 0.01
CVE-2023-0319 MEDIUM
GitLab <15.8.5-15.9.4-15.10.1 - Info Disclosure
Apr 05, 2023
CVSS 5.8
EPSS 0.01
CVE-2023-0326 MEDIUM
GitLab DAST API Scanner 1.6.50-2.10.9 - Authorization Header Leak in Vulnerability Report Evidence
Mar 27, 2023
CVSS 5.0
EPSS 0.01
CVE-2023-1072 MEDIUM
GitLab 9.0-15.7.7, 15.8-15.8.3, 15.9-15.9.1 - Uncontrolled Resource Consumption via Commit Details Request
Mar 09, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-0050 HIGH
GitLab 13.7-15.7.7, 15.8-15.8.3, 15.9-15.9.1 - Stored Cross-Site Scripting via Kroki Diagram
Mar 09, 2023
CVSS 8.7
EPSS 0.92
CVE-2023-0223 MEDIUM
GitLab <15.7.8-15.9.2 - Info Disclosure
Mar 09, 2023
CVSS 5.3
EPSS 0.01
CVE-2023-1084 LOW
GitLab CE/EE <15.7.8, <15.8.4, <15.9.2 - Privilege Escalation
Mar 09, 2023
CVSS 2.7
EPSS 0.01
CVE-2023-0483 MEDIUM
GitLab <15.7.8-15.9.2 - Info Disclosure
Mar 09, 2023
CVSS 5.5
EPSS 0.01
CVE-2023-0518 MEDIUM
GitLab 14.0-15.6.6, 15.7-15.7.5, 15.8 - Denial of Service via Malicious Helm Chart Upload
Feb 13, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-0042 MEDIUM
GitLab CE/EE <15.5.7-15.7.2 - Open Redirect
Jan 12, 2023
CVSS 6.1
EPSS 0.00
CVE-2022-4343 MEDIUM
GitLab EE <16.1.5-16.3.1 - Info Disclosure
Sep 01, 2023
CVSS 5.0
EPSS 0.00
CVE-2022-4143 MEDIUM
GitLab 15.7-15.8.4, 15.9-15.9.3, 15.10 - Unauthenticated Time-of-check Time-of-use Race Condition
Jun 28, 2023
CVSS 6.4
EPSS 0.01
CVE-2022-4376 LOW
GitLab <15.9.6, <15.10.5, <15.11.1 - Info Disclosure
May 03, 2023
CVSS 3.1
EPSS 0.01
CVE-2022-3513 MEDIUM
GitLab <15.8.5, <15.9.4, <15.10.1 - XSS
Apr 05, 2023
CVSS 6.1
EPSS 0.01
CVE-2022-3375 LOW
GitLab <15.8.5-15.10.1 - Info Disclosure
Apr 05, 2023
CVSS 3.1
EPSS 0.01
CVE-2022-3767 HIGH
GitLab Dynamic Application Security Testing Analyzer 1.11.0-3.0.32 - Improper Input Validation in Custom Request Headers
Mar 09, 2023
CVSS 7.7
EPSS 0.01
CVE-2022-3758 MEDIUM
GitLab 15.5.0-15.7.7, 15.8.0-15.8.3, 15.9.0-15.9.1 - Unauthenticated Private Snippet Access via Improper Permissions
Mar 09, 2023
CVSS 5.4
EPSS 0.01
CVE-2022-4331 MEDIUM
GitLab EE <15.7.8-<15.9.2 - Privilege Escalation
Mar 09, 2023
CVSS 5.7
EPSS 0.01