Gitlab

Gitlab

1257 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2024-3114

  • EPSS 0.15%
  • Veröffentlicht 08.08.2024 11:15:12
  • Zuletzt bearbeitet 30.08.2024 14:15:15

An issue was discovered in GitLab CE/EE affecting all versions starting from 11.10 prior to 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2, with the processing logic for parsing invalid commits can lead to a regular expression DoS attack on t...

6.5

CVE-2024-3958

  • EPSS 0.07%
  • Veröffentlicht 08.08.2024 11:15:12
  • Zuletzt bearbeitet 29.08.2024 15:50:33

An issue has been discovered in GitLab CE/EE affecting all versions before 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2. An issue was found that allows someone to abuse a discrepancy between the Web application display and the git command ...

6.5

CVE-2024-4210

  • EPSS 0.18%
  • Veröffentlicht 08.08.2024 10:15:09
  • Zuletzt bearbeitet 23.08.2024 16:56:07

A Denial of Service (DoS) condition has been discovered in GitLab CE/EE affecting all versions starting with 12.6 before 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2. It is possible for an attacker to cause a denial of service using crafted...

5.4

CVE-2024-4784

  • EPSS 0.01%
  • Veröffentlicht 08.08.2024 10:15:09
  • Zuletzt bearbeitet 23.08.2024 16:59:30

An issue was discovered in GitLab EE starting from version 16.7 before 17.0.6, version 17.1 before 17.1.4 and 17.2 before 17.2.2 that allowed bypassing the password re-entry requirement to approve a policy.

7.5

CVE-2024-6329

  • EPSS 0.06%
  • Veröffentlicht 08.08.2024 10:15:09
  • Zuletzt bearbeitet 23.08.2024 17:01:34

An issue was discovered in GitLab CE/EE affecting all versions starting from 8.16 prior to 17.0.6, starting from 17.1 prior to 17.1.4, and starting from 17.2 prior to 17.2.2, which causes the web interface to fail to render the diff correctly when th...

4.3

CVE-2024-7057

  • EPSS 0.07%
  • Veröffentlicht 25.07.2024 01:15:10
  • Zuletzt bearbeitet 21.11.2024 09:50:48

An information disclosure vulnerability in GitLab CE/EE affecting all versions starting from 16.7 prior to 17.0.5, starting from 17.1 prior to 17.1.3, and starting from 17.2 prior to 17.2.1 where job artifacts can be inappropriately exposed to users ...

5.4

CVE-2024-7047

  • EPSS 0.09%
  • Veröffentlicht 25.07.2024 01:15:09
  • Zuletzt bearbeitet 21.11.2024 09:50:47

A cross site scripting vulnerability exists in GitLab CE/EE affecting all versions from 16.6 prior to 17.0.5, 17.1 prior to 17.1.3, 17.2 prior to 17.2.1 allowing an attacker to execute arbitrary scripts under the context of the current logged in user...

5

CVE-2024-7091

  • EPSS 0.07%
  • Veröffentlicht 24.07.2024 23:15:10
  • Zuletzt bearbeitet 21.11.2024 09:50:52

An issue was discovered in GitLab CE/EE affecting all versions starting from 15.6 prior to 17.0.5, starting from 17.1 prior to 17.1.3, and starting from 17.2 prior to 17.2.1 where it was possible to disclose limited information of an exported group o...

2.7

CVE-2024-0231

  • EPSS 0.23%
  • Veröffentlicht 24.07.2024 23:15:09
  • Zuletzt bearbeitet 21.11.2024 08:46:06

A resource misdirection vulnerability in GitLab CE/EE versions 12.0 prior to 17.0.5, 17.1 prior to 17.1.3, and 17.2 prior to 17.2.1 allows an attacker to craft a repository import in such a way as to misdirect commits.

4.9

CVE-2024-5067

Exploit
  • EPSS 0.09%
  • Veröffentlicht 24.07.2024 23:15:09
  • Zuletzt bearbeitet 21.11.2024 09:46:53

An issue was discovered in GitLab EE affecting all versions starting from 16.11 prior to 17.0.5, starting from 17.1 prior to 17.1.3, and starting from 17.2 prior to 17.2.1 where certain project-level analytics settings could be leaked in DOM to group...