Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / gitlab

gitlab

1,383 tracked vulnerabilities.

CVE-2021-39898 LOW

GitLab 10.6.0-14.1.6 - Exposure of Sensitive Information via Project Export

CVE-2021-39897 LOW

GitLab CE/EE >=10.5 - Info Disclosure

CVE-2021-39895 MEDIUM

GitLab 8.0.0-14.1.7 - Information Disclosure via Imported Pipeline Schedules

CVE-2021-22260 HIGH

GitLab 13.7-14.0.8, 14.1-14.1.3, 14.2-14.2.1 - Stored Cross-Site Scripting in DataDog Integration

CVE-2021-39914 LOW

GitLab 8.13-14.2.5 14.3.0-14.3.3 14.4.0 - Regular Expression Denial of Service via Username Provisioning

CVE-2021-39903 MEDIUM

GitLab CE/EE <13.0 - Privilege Escalation

CVE-2021-39902 MEDIUM

GitLab 13.4-14.2.6 - Incorrect Authorization in Incident Severity Modification

CVE-2021-22263 MEDIUM

GitLab 13.0-14.0.8, 14.1-14.1.3, 14.2-14.2.1 - Privilege Escalation via Project Token Abuse

CVE-2021-39880 MEDIUM

GitLab 11.9-13.12, 14.0-14.0.8, 14.1-14.1.3, 14.2-14.2.1 - Denial of Service via Apollo Upload Server Middleware

CVE-2021-39891 MEDIUM

GitLab CE/EE >=8.0 - Info Disclosure

CVE-2021-39889 MEDIUM

GitLab 14.1.0-14.1.7 - Authorization Bypass via Protected Branch ID

CVE-2021-39886 LOW

GitLab 10.6.0-14.1.7 - Unauthenticated Confidential Epic Reference Exposure via Issue Move

CVE-2021-39881 LOW

GitLab 7.7.0-14.1.7 - OAuth Scope Spoofing via Arbitrary Scope Names

CVE-2021-39870 MEDIUM

GitLab 11.11.0-14.1.7 - Unauthenticated Repository Import Bypass via Crafted API Call

CVE-2021-22264 MEDIUM

GitLab <14.0.9-14.1.4-14.2.2 - Info Disclosure

CVE-2021-22262 MEDIUM

GitLab 13.12-14.0.8, 14.1-14.1.3, 14.2-14.2.1 - Incorrect Authorization in Jira Connect Namespace Management

CVE-2021-22261 HIGH

GitLab 13.9-14.0.8, 14.1-14.1.3, 14.2-14.2.1 - Stored Cross-Site Scripting via Jira Integration

CVE-2021-22258 MEDIUM

GitLab 8.9-14.0.8 - Unauthenticated Email Address Exposure via Project Import/Export

CVE-2021-22257 MEDIUM

GitLab <14.0.9-14.2.2 - Info Disclosure

CVE-2021-39894 MEDIUM

GitLab 8.0.0-14.1.7 - Server-Side Request Forgery via Fogbugz Importer DNS Rebinding

CVE-2021-39893 MEDIUM

GitLab 9.1.0-14.1.6 - Unauthenticated Denial of Service via File Parsing

CVE-2021-39888 MEDIUM

GitLab EE <14.1.7, <14.2.5, <14.3.1 - Info Disclosure

CVE-2021-39884 MEDIUM

GitLab 8.13.0-14.1.7 - Unauthenticated Private Group Name Disclosure

CVE-2021-39882 MEDIUM

GitLab - Unauthenticated Cleartext Transmission of Sensitive Information via User ID Endpoints

CVE-2021-39878 MEDIUM

GitLab 13.0-14.3.1 - Stored Cross-Site Scripting in Jira Integration

Previous Page 32 of 56 Next

Products

gitlab 1,368 GitLab 110 gitlab-shell 5 dynamic_application_security_testing_analyzer 4 runner 3 gitlab-vscode-extension 2 GitLab AI Gateway 1 dast_api_scanner 1 gitaly 1 gitlab_runner 1 language_server 1 omnibus 1

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy