Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / gitlab

gitlab

1,383 tracked vulnerabilities.

CVE-2022-1821 MEDIUM

GitLab CE/EE <14.9.5-15.0.1 - Info Disclosure

CVE-2022-1783 LOW

GitLab CE/EE <14.9.5-15.0.1 - Privilege Escalation

CVE-2022-1423 HIGH

GitLab 1.0.2-14.8.5, 14.9.0-14.9.3, 14.10.0 - RCE via CI/CD Cache Poisoning

CVE-2022-1416 MEDIUM

GitLab 1.0.2-14.8.5, 14.9.0-14.9.3, 14.10.0 - Stored Cross-Site Scripting in Pipeline Error Messages

CVE-2022-1413 MEDIUM

GitLab 1.0.2-14.8.5, 14.9.0-14.9.3, 14.10.0 - Insufficiently Protected Credentials via Integration Properties

CVE-2022-1545 MEDIUM

Gitlab CE/EE <14.8.6-14.10.1 - Info Disclosure

CVE-2022-1510 MEDIUM

GitLab <14.8.6-14.9.4-14.10.1 - DoS

CVE-2022-1460 MEDIUM

GitLab 9.2-14.8.5, 14.9-14.9.3, 14.10 - Incorrect Authorization for Scheduled Pipelines

CVE-2022-1433 LOW

GitLab 14.4-14.8.5, 14.9-14.9.3, 14.10 - Stored Cross-Site Scripting via Markdown Cache Invalidation Bypass

CVE-2022-1428 MEDIUM

GitLab < 14.8.6, 14.9 < 14.9.4, 14.10 < 14.10.1 - Allocation of Resources Without Limits or Throttling

CVE-2022-1426 LOW

GitLab 12.6-14.8.5, 14.9-14.9.3, 14.10 - Improper Authentication

CVE-2022-1406 MEDIUM

GitLab 8.12-14.8.5, 14.9.0-14.9.3, 14.10.0 - CI/CD Variable Exposure via Malicious Project Import

CVE-2022-1352 MEDIUM

GitLab 11.0-14.8.6, 14.9-14.9.4, 14.10-14.10.1 - Insecure Direct Object Reference in Issue API

CVE-2022-1124 MEDIUM

GitLab < 14.8.6, 14.9.0-14.9.4, 14.10.0 - Incorrect Authorization for Job Trace Log Access

CVE-2022-1431 MEDIUM

GitLab 12.10-14.8.5, 14.9-14.9.3, 14.10 - Denial of Service via PyPi API Endpoint

CVE-2022-1417 MEDIUM

GitLab 8.12-14.8.5, 14.9-14.9.3, 14.10 - Unauthenticated Project Wiki Access via CI Job

CVE-2022-0477 MEDIUM

GitLab <14.5.4, <14.6.4, <14.7.1 - DoS

CVE-2022-1193 MEDIUM

GitLab 10.7-14.7.7, 14.8-14.8.5, 14.9-14.9.2 - Unauthenticated Improper Access Control via Merge Requests

CVE-2022-1157 LOW

GitLab < 14.7.7, 14.8 < 14.8.5, 14.9 < 14.9.2 - Sensitive Information Exposure via Exception Log

CVE-2022-1190 HIGH

GitLab 8.3-14.7.7, 14.8-14.8.5, 14.9-14.9.2 - Stored Cross-Site Scripting via Multi-Word Milestone References

CVE-2022-1189 LOW

GitLab CE/EE <14.7.7-14.9.2 - Info Disclosure

CVE-2022-1188 LOW

GitLab 12.1-14.7.6, 14.8-14.8.4, 14.9-14.9.1 - Server-Side Request Forgery via Repository Mirroring

CVE-2022-1185 MEDIUM

GitLab 10.0.0-14.7.7 14.8.0-14.8.5 14.9.0-14.9.2 - Denial of Service via RDoc File Rendering

CVE-2022-1175 HIGH

GitLab 14.4-14.6.7 14.8-14.8.4 14.9-14.9.1 - Stored Cross-Site Scripting via Notes

CVE-2022-1174 MEDIUM

GitLab 13.7-14.7.6, 14.8-14.8.4, 14.9-14.9.1 - DoS via Crafted Input

Previous Page 28 of 56 Next

Products

gitlab 1,368 GitLab 108 gitlab-shell 5 dynamic_application_security_testing_analyzer 4 runner 3 gitlab-vscode-extension 2 GitLab AI Gateway 1 dast_api_scanner 1 gitaly 1 gitlab_runner 1 language_server 1 omnibus 1

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy