Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / gitlab

gitlab

1,383 tracked vulnerabilities.

CVE-2017-0921 HIGH

GitLab <10.1.6-10.3.4 - Info Disclosure

CVE-2017-0919 HIGH

GitLab <10.1.6-10.3.4 - Auth Bypass

CVE-2017-0920 MEDIUM

GitLab <10.1.6, 10.2.6, 10.3.4 - Auth Bypass

CVE-2017-0927 MEDIUM

GitLab 8.16.0-9.5.9 - Unauthenticated Improper Authorization in Deployment Keys

CVE-2017-0926 HIGH

GitLab 8.8.0-9.5.9 - Unauthenticated Unauthorized User Login via OAuth Sign-In

CVE-2017-0925 HIGH

Gitlab EE <10.1.0 - Info Disclosure

CVE-2017-0924 MEDIUM

GitLab 10.2.4 - Stored Cross-Site Scripting in Labels Component

CVE-2017-0923 MEDIUM

GitLab 9.1 - Stored Cross-Site Scripting in IPython Notebooks

CVE-2017-0922 HIGH

GitLab 9.1.0-9.5.10 - Authorization Bypass in Projects::BoardsController

CVE-2017-0918 HIGH

Gitlab CE <10.3 - Path Traversal, RCE

CVE-2017-0917 MEDIUM

GitLab 10.1.0-10.1.5 - Stored Cross-Site Scripting in CI Job Component

CVE-2017-0916 CRITICAL

GitLab 8.8.0-10.1.5 - Remote Code Execution via Web Hook Input Validation Bypass

CVE-2017-0915 CRITICAL

GitLab 8.9.0-9.5.9 - Remote Code Execution via GitlabProjectsImportService Input Validation

CVE-2017-0914 HIGH

GitLab 10.1, 10.2, 10.2.4 - SQL Injection in MilestoneFinder

CVE-2017-17716 MEDIUM

GitLab 9.4.x - Improper Certificate Validation in LDAP SSL Verification

CVE-2017-12426 HIGH

GitLab CE/EE <8.17.8, <9.0.13, <9.1.10, <9.2.10, <9.3.10, <9.4.4 - RCE

CVE-2017-11438 MEDIUM

GitLab CE and EE < 9.0.11, 9.1.8, 9.2.8 - Authenticated Privilege Escalation via Group Creation

CVE-2017-11437 MEDIUM

GitLab EE < 8.17.7, 9.0.11, 9.1.8, 9.2.8, 9.3.8 - Authenticated Repository Access via Mirroring Feature

CVE-2017-8778 MEDIUM

GitLab < 8.14.9, 8.15.x < 8.15.6, 8.16.x < 8.16.5 - Stored Cross-Site Scripting via SVG Attachment or Avatar

CVE-2017-0882 MEDIUM

GitLab <8.15.8-8.17.4 - Info Disclosure

CVE-2016-9469 HIGH

GitLab 8.12.0-8.14.2 - Authenticated Issue and Merge Request Deletion

CVE-2016-4340 HIGH

GitLab 8.2.0-8.6.7 Authenticated Privilege Escalation via Impersonate

CVE-2016-9086 MEDIUM

GitLab 8.9.0-8.13.2 - Authenticated Sensitive Information Exposure via Project Import/Export

CVE-2014-8540 MEDIUM

GitLab 6.0.0-6.9.2 and 7.x < 7.4.3 - Authenticated Arbitrary Group Ownership Modification via Groups API

GitLab Enterprise Edition 6.6.0 - Cross-Site Scripting

Previous Page 55 of 56 Next

Products

gitlab 1,368 GitLab 110 gitlab-shell 5 dynamic_application_security_testing_analyzer 4 runner 3 gitlab-vscode-extension 2 GitLab AI Gateway 1 dast_api_scanner 1 gitaly 1 gitlab_runner 1 language_server 1 omnibus 1

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy