gitlab

1,423 tracked vulnerabilities.

CVE-2022-4342 MEDIUM
GitLab CE/EE <15.5.7/<15.6.4/<15.7.2 - Info Disclosure
Jan 12, 2023
CVSS 5.5
EPSS 0.01
CVE-2022-4167 MEDIUM
GitLab 13.11.0-15.5.6, 15.6.0-15.6.3, 15.7.0-15.7.1 - Incorrect Authorization in Group Access Token Revocation
Jan 12, 2023
CVSS 5.3
EPSS 0.01
CVE-2022-4131 MEDIUM
GitLab 10.8.0-15.5.6, 15.6.0-15.6.3, 15.7.0-15.7.1 - Denial of Service via User Agent Regex Parsing
Jan 12, 2023
CVSS 4.3
EPSS 0.01
CVE-2022-4037 MEDIUM
GitLab CE/EE <15.5.7, <15.6.4, <15.7.2 - Info Disclosure
Jan 12, 2023
CVSS 6.4
EPSS 0.01
CVE-2022-3870 MEDIUM
GitLab CE/EE <15.5.7-15.6.4-15.7.2 - Info Disclosure
Jan 12, 2023
CVSS 5.3
EPSS 0.01
CVE-2022-3613 MEDIUM
GitLab < 15.5.7, 15.6 < 15.6.4, 15.7 < 15.7.2 - Denial of Service via Prometheus Server Query
Jan 12, 2023
CVSS 5.8
EPSS 0.01
CVE-2022-3573 MEDIUM
GitLab CE/EE <15.5.7/<15.6.4/<15.7.2 - XSS
Jan 12, 2023
CVSS 5.4
EPSS 0.01
CVE-2022-3514 MEDIUM
GitLab CE/EE <15.5.7-15.6.4-15.7.2 - DoS
Jan 12, 2023
CVSS 4.3
EPSS 0.01
CVE-2022-3819 LOW
GitLab CE/EE <15.3.5-15.5.2 - Auth Bypass
Nov 10, 2022
CVSS 3.5
EPSS 0.00
CVE-2022-3818 MEDIUM
GitLab < 15.3.5, 15.4 < 15.4.4, 15.5 < 15.5.2 - Denial of Service via URL Parsing
Nov 10, 2022
CVSS 5.3
EPSS 0.01
CVE-2022-3793 MEDIUM
GitLab CE/EE <15.3.5-15.5.2 - Info Disclosure
Nov 10, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-3726 MEDIUM
GitLab 12.6-15.3.5, 15.4-15.4.4, 15.5-15.5.2 - Server-Side Request Forgery via Swagger OpenAPI Viewer
Nov 10, 2022
CVSS 4.8
EPSS 0.01
CVE-2022-3706 LOW
GitLab CE/EE <15.3.5, <15.4.4, <15.5.2 - Privilege Escalation
Nov 10, 2022
CVSS 3.1
EPSS 0.01
CVE-2022-3413 MEDIUM
GitLab 14.5-15.3.5 15.4-15.4.4 15.5-15.5.2 - Authorization Bypass in Audit Events Display
Nov 10, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-3486 MEDIUM
GitLab 9.3-15.3.5, 15.4-15.4.4, 15.5-15.5.2 - Open Redirect
Nov 09, 2022
CVSS 4.7
EPSS 0.01
CVE-2022-3483 MEDIUM
GitLab CE/EE <15.3.5, <15.4.4, <15.5.2 - Info Disclosure
Nov 09, 2022
CVSS 5.5
EPSS 0.01
CVE-2022-3285 MEDIUM
GitLab <15.2.5-15.4.1 - Auth Bypass
Nov 09, 2022
CVSS 5.3
EPSS 0.01
CVE-2022-3280 LOW
GitLab CE/EE <15.3.5-15.5.2 - Open Redirect
Nov 09, 2022
CVSS 3.5
EPSS 0.01
CVE-2022-3265 HIGH
GitLab CE/EE <15.3.5, <15.4.4, <15.5.2 - XSS
Nov 09, 2022
CVSS 7.3
EPSS 0.86
CVE-2022-2761 MEDIUM
GitLab 14.4-15.3.4, 15.4-15.4.3, 15.5-15.5.1 - Information Disclosure via GitLab Flavored Markdown References
Nov 09, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-2904 HIGH
GitLab 15.2-15.2.4, 15.3-15.3.3, 15.4-15.4.0 - Stored Cross-Site Scripting via External Status Checks
Nov 02, 2022
CVSS 7.3
EPSS 0.01
CVE-2022-2826 LOW
GitLab <12.9.8, <12.10.7, <13.0.1 - Info Disclosure
Oct 28, 2022
CVSS 2.7
EPSS 0.01
CVE-2022-3018 MEDIUM
GitLab CE/EE <15.2.5-15.4.1 - Info Disclosure
Oct 28, 2022
CVSS 6.8
EPSS 0.01
CVE-2022-2882 MEDIUM
GitLab CE/EE <15.2.5, <15.3.4, <15.4.1 - Info Disclosure
Oct 28, 2022
CVSS 5.5
EPSS 0.01
CVE-2022-3639 MEDIUM
GitLab 10.8.0-15.1.5, 15.2.0-15.2.3, 15.3.0-15.3.1 - Denial of Service via Branch Creation
Oct 21, 2022
CVSS 4.3
EPSS 0.01