Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / gitlab

gitlab

1,383 tracked vulnerabilities.

CVE-2021-39875 MEDIUM

GitLab CE/EE <13.6 - Info Disclosure

CVE-2021-39872 MEDIUM

GitLab >=14.1.0 <14.1.7 - Improper Access Control via Expired Password Bypass

CVE-2021-39869 MEDIUM

GitLab CE/EE <8.9 - Info Disclosure

CVE-2021-39867 MEDIUM

GitLab 8.15.0-14.1.7 - Server-Side Request Forgery via Gitea Importer

CVE-2021-39866 MEDIUM

GitLab >=13.6.0 <14.1.7 - Persistent Access via Project Access Token

CVE-2021-39887 HIGH

GitLab 8.4.0-14.1.7 - Stored Cross-Site Scripting in GitLab Flavored Markdown

CVE-2021-39900 LOW

GitLab 10.8.0-14.1.6 - Information Disclosure via SendEntry Rails Log Exposure

CVE-2021-39899 LOW

GitLab < 14.1.7 - Weak Password Recovery Mechanism via Brute Force Attack

CVE-2021-39896 LOW

GitLab CE/EE <8.0 - Privilege Escalation

CVE-2021-39885 HIGH

GitLab 13.7.0-14.1.6, 14.2.0-14.2.4, 14.3.0 - Stored Cross-Site Scripting via Approval Rule Name

CVE-2021-39883 MEDIUM

GitLab 13.11.0-14.1.6, 14.2.0-14.2.4, 14.3.0 - Unauthorized Epic Visibility to Subgroup Members

CVE-2021-39879 LOW

GitLab 7.11.0-14.1.7 - Missing Authentication for Two-Factor Disabling

CVE-2021-39877 HIGH

GitLab 12.2.0-14.1.6 - Uncontrolled Resource Consumption via Specially Crafted File

CVE-2021-39874 MEDIUM

GitLab CE/EE <11.0 - Info Disclosure

CVE-2021-39873 MEDIUM

GitLab - Content Spoofing via Error Response

CVE-2021-39871 MEDIUM

GitLab 13.0-14.1.7 - Bitbucket Server Import Restriction Bypass via Crafted API Call

CVE-2021-39868 MEDIUM

GitLab 8.12.0-14.1.7 - Authenticated Unlimited Repository Size Assignment via Project Export

CVE-2021-22259 MEDIUM

GitLab 12.6.0-14.1.6 - Denial of Service via Dependencies API

CVE-2021-22239 MEDIUM

GitLab 14.0.0-14.0.7 - Unauthenticated Metadata Injection in Issue Creation

CVE-2021-22256 MEDIUM

GitLab 12.6.0-13.12.8 - Unauthenticated Issue Creation for Sentry Errors

CVE-2021-22250 MEDIUM

GitLab CE/EE <13.3 - Info Disclosure

CVE-2021-22247 MEDIUM

GitLab 13.0.0-13.12.9 - Incorrect Authorization for CI/CD Analytics

CVE-2021-22245 LOW

GitLab < 13.12.9 - Denial of Service via Improper Commit Author Validation

CVE-2021-22244 LOW

GitLab 13.1.0-13.12.9 - Unauthenticated Improper Authorization in Vulnerability Report Feature

CVE-2021-22243 MEDIUM

GitLab 7.10.0-13.12.8 - Incorrect Authorization via Invite URL

Previous Page 33 of 56 Next

Products

gitlab 1,368 GitLab 110 gitlab-shell 5 dynamic_application_security_testing_analyzer 4 runner 3 gitlab-vscode-extension 2 GitLab AI Gateway 1 dast_api_scanner 1 gitaly 1 gitlab_runner 1 language_server 1 omnibus 1

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy