Gitlab

Gitlab

1257 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2024-5655

  • EPSS 0.73%
  • Veröffentlicht 27.06.2024 00:15:12
  • Zuletzt bearbeitet 21.11.2024 09:48:06

An issue was discovered in GitLab CE/EE affecting all versions starting from 15.8 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows an attacker to trigger a pipeline as another user under certa...

4.3

CVE-2024-3115

  • EPSS 0.13%
  • Veröffentlicht 27.06.2024 00:15:11
  • Zuletzt bearbeitet 21.11.2024 09:28:56

An issue was discovered in GitLab EE affecting all versions starting from 16.0 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows an attacker to access issues and epics without having an SSO ses...

6.5

CVE-2024-3959

  • EPSS 0.04%
  • Veröffentlicht 27.06.2024 00:15:11
  • Zuletzt bearbeitet 21.11.2024 09:30:46

An issue was discovered in GitLab CE/EE affecting all versions starting from 16.7 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows private job artifacts can be accessed by any user.

4.3

CVE-2024-4011

  • EPSS 0.06%
  • Veröffentlicht 27.06.2024 00:15:11
  • Zuletzt bearbeitet 21.11.2024 09:42:01

An issue was discovered in GitLab CE/EE affecting all versions starting from 16.1 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows non-project member to promote key results to objectives.

6.5

CVE-2024-4557

  • EPSS 0.18%
  • Veröffentlicht 27.06.2024 00:15:11
  • Zuletzt bearbeitet 21.11.2024 09:43:06

Multiple Denial of Service (DoS) conditions has been discovered in GitLab CE/EE affecting all versions starting from 1.0 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1 which allowed an attacker to cause r...

6.5

CVE-2024-1493

  • EPSS 0.17%
  • Veröffentlicht 27.06.2024 00:15:10
  • Zuletzt bearbeitet 21.11.2024 08:50:42

An issue was discovered in GitLab CE/EE affecting all versions starting from 9.2 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, with the processing logic for generating link in dependency files can lead ...

5.5

CVE-2024-1816

  • EPSS 0.09%
  • Veröffentlicht 27.06.2024 00:15:10
  • Zuletzt bearbeitet 21.11.2024 08:51:22

An issue was discovered in GitLab CE/EE affecting all versions starting from 12.0 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows for an attacker to cause a denial of service using a crafted ...

5.3

CVE-2024-2191

  • EPSS 0.18%
  • Veröffentlicht 27.06.2024 00:15:10
  • Zuletzt bearbeitet 21.11.2024 09:09:13

An issue was discovered in GitLab CE/EE affecting all versions starting from 16.9 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows merge request title to be visible publicly despite being set ...

4.3

CVE-2024-5469

  • EPSS 0.12%
  • Veröffentlicht 14.06.2024 04:15:43
  • Zuletzt bearbeitet 21.11.2024 09:47:44

DoS in KAS in GitLab CE/EE affecting all versions from 16.10.0 prior to 16.10.6 and 16.11.0 prior to 16.11.3 allows an attacker to crash KAS via crafted gRPC requests.

6.5

CVE-2024-1495

  • EPSS 0.54%
  • Veröffentlicht 12.06.2024 23:15:49
  • Zuletzt bearbeitet 21.11.2024 08:50:42

An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.1 prior to 16.10.7, starting from 16.11 prior to 16.11.4, and starting from 17.0 prior to 17.0.2. It was possible for an attacker to cause a denial of service using ...