gitlab

1,423 tracked vulnerabilities.

CVE-2022-2428 MEDIUM
GitLab < 15.1.6, 15.2-15.2.4, 15.3-15.3.2 - Server-Side Request Forgery via Jupyter Notebook Viewer
Oct 17, 2022
CVSS 6.4
EPSS 0.01
CVE-2022-2539 MEDIUM
GitLab CE/EE <15.0.5-15.2.1 - Info Disclosure
Aug 05, 2022
CVSS 5.3
EPSS 0.01
CVE-2022-2534 LOW
GitLab CE/EE <15.0.5-15.2.1 - Info Disclosure
Aug 05, 2022
CVSS 2.2
EPSS 0.01
CVE-2022-2531 MEDIUM
GitLab EE <15.0.5-15.2.1 - Path Traversal
Aug 05, 2022
CVSS 5.3
EPSS 0.01
CVE-2022-2512 MEDIUM
GitLab CE/EE <15.0.5-15.2.1 - Info Disclosure
Aug 05, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-2501 MEDIUM
GitLab EE <15.0.5-15.2.1 - Auth Bypass
Aug 05, 2022
CVSS 5.9
EPSS 0.01
CVE-2022-2500 MEDIUM
GitLab < 15.0.5, 15.1 < 15.1.4, 15.2 < 15.2.1 - Stored Cross-Site Scripting in Job Error Messages
Aug 05, 2022
CVSS 4.4
EPSS 0.01
CVE-2022-2499 LOW
GitLab 13.10.0-15.0.4, 15.1.0-15.1.3, 15.2.0 - Authorization Bypass via Jira Integration
Aug 05, 2022
CVSS 3.5
EPSS 0.01
CVE-2022-2498 MEDIUM
GitLab 12.8-15.0.4, 15.1-15.1.3, 15.2 - Improper Privilege Management in Pipeline Subscriptions
Aug 05, 2022
CVSS 6.4
EPSS 0.01
CVE-2022-2497 HIGH
GitLab CE/EE <15.0.5, <15.1.4, <15.2.1 - Info Disclosure
Aug 05, 2022
CVSS 8.5
EPSS 0.01
CVE-2022-2459 LOW
GitLab < 15.0.5, 15.1 < 15.1.4, 15.2 < 15.2.1 - Missing Authorization for Email Invited Members
Aug 05, 2022
CVSS 2.7
EPSS 0.01
CVE-2022-2456 MEDIUM
GitLab CE/EE <15.0.5, <15.1.4, <15.2.1 - Info Disclosure
Aug 05, 2022
CVSS 4.9
EPSS 0.01
CVE-2022-2417 MEDIUM
GitLab 12.10-15.0.4, 15.1-15.1.3, 15.2-15.2.0 - Authenticated Supply Chain Attack via Branch Name Spoofing
Aug 05, 2022
CVSS 6.2
EPSS 0.01
CVE-2022-2326 MEDIUM
GitLab CE/EE <15.0.5, <15.1.4, <15.2.1 - Info Disclosure
Aug 05, 2022
CVSS 6.4
EPSS 0.01
CVE-2022-2307 LOW
GitLab CE/EE <15.0.5-15.2.1 - Info Disclosure
Aug 05, 2022
CVSS 3.5
EPSS 0.00
CVE-2022-2303 MEDIUM
GitLab CE/EE <15.0.5, <15.1.4, <15.2.1 - Auth Bypass
Aug 05, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-2095 MEDIUM
GitLab 13.7-15.0.4, 15.1-15.1.3, 15.2 - Authenticated Deploy Key Information Disclosure
Aug 05, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-1948 HIGH
GitLab 15.0 - Stored Cross-Site Scripting via Quick Actions Contact Details Injection
Jul 28, 2022
CVSS 8.7
EPSS 0.01
CVE-2022-1954 MEDIUM
GitLab 1.0.2-14.10.4, 15.0-15.0.3, 15.1 - Regular Expression Denial of Service via Web Server Response Headers
Jul 01, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-0167 LOW
GitLab <14.4.5-14.6.2 - Info Disclosure
Jul 01, 2022
CVSS 3.1
EPSS 0.01
CVE-2022-2270 LOW
GitLab 12.4-14.10.4, 15.0-15.0.3, 15.1 - Incorrect Default Permissions
Jul 01, 2022
CVSS 3.5
EPSS 0.01
CVE-2022-2229 HIGH
GitLab CE/EE <14.10.5-15.0.4-15.1.1 - Info Disclosure
Jul 01, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-2228 MEDIUM
GitLab EE <14.10.5, <15.0.4, <15.1.1 - Info Disclosure
Jul 01, 2022
CVSS 5.3
EPSS 0.01
CVE-2022-1999 LOW
GitLab CE/EE <14.10.5-15.1.1 - Info Disclosure
Jul 01, 2022
CVSS 3.1
EPSS 0.01
CVE-2022-1981 LOW
GitLab EE <14.10.5, <15.0.4, <15.1.1 - Auth Bypass
Jul 01, 2022
CVSS 2.7
EPSS 0.01