Gitlab

GitLab

1310 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2024-6323

  • EPSS 0.07%
  • Veröffentlicht 27.06.2024 00:15:13
  • Zuletzt bearbeitet 21.11.2024 09:49:25

Improper authorization in global search in GitLab EE affecting all versions from 16.11 prior to 16.11.5 and 17.0 prior to 17.0.3 and 17.1 prior to 17.1.1 allows an attacker leak content of a private repository in a public project.

5.4

CVE-2024-4901

  • EPSS 4.79%
  • Veröffentlicht 27.06.2024 00:15:12
  • Zuletzt bearbeitet 21.11.2024 09:43:49

An issue was discovered in GitLab CE/EE affecting all versions starting from 16.9 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, where a stored XSS vulnerability could be imported from a project with mal...

4.9

CVE-2024-5430

  • EPSS 0.03%
  • Veröffentlicht 27.06.2024 00:15:12
  • Zuletzt bearbeitet 21.11.2024 09:47:40

An issue was discovered in GitLab CE/EE affecting all versions starting from 16.10 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows a project maintainer can delete the merge request approval p...

8.8

CVE-2024-5655

  • EPSS 0.85%
  • Veröffentlicht 27.06.2024 00:15:12
  • Zuletzt bearbeitet 21.11.2024 09:48:06

An issue was discovered in GitLab CE/EE affecting all versions starting from 15.8 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows an attacker to trigger a pipeline as another user under certa...

4.3

CVE-2024-3115

  • EPSS 0.13%
  • Veröffentlicht 27.06.2024 00:15:11
  • Zuletzt bearbeitet 21.11.2024 09:28:56

An issue was discovered in GitLab EE affecting all versions starting from 16.0 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows an attacker to access issues and epics without having an SSO ses...

6.5

CVE-2024-3959

  • EPSS 0.03%
  • Veröffentlicht 27.06.2024 00:15:11
  • Zuletzt bearbeitet 21.11.2024 09:30:46

An issue was discovered in GitLab CE/EE affecting all versions starting from 16.7 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows private job artifacts can be accessed by any user.

4.3

CVE-2024-4011

  • EPSS 0.08%
  • Veröffentlicht 27.06.2024 00:15:11
  • Zuletzt bearbeitet 21.11.2024 09:42:01

An issue was discovered in GitLab CE/EE affecting all versions starting from 16.1 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows non-project member to promote key results to objectives.

6.5

CVE-2024-4557

  • EPSS 0.18%
  • Veröffentlicht 27.06.2024 00:15:11
  • Zuletzt bearbeitet 21.11.2024 09:43:06

Multiple Denial of Service (DoS) conditions has been discovered in GitLab CE/EE affecting all versions starting from 1.0 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1 which allowed an attacker to cause r...

6.5

CVE-2024-1493

  • EPSS 0.17%
  • Veröffentlicht 27.06.2024 00:15:10
  • Zuletzt bearbeitet 21.11.2024 08:50:42

An issue was discovered in GitLab CE/EE affecting all versions starting from 9.2 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, with the processing logic for generating link in dependency files can lead ...

5.5

CVE-2024-1816

  • EPSS 0.09%
  • Veröffentlicht 27.06.2024 00:15:10
  • Zuletzt bearbeitet 21.11.2024 08:51:22

An issue was discovered in GitLab CE/EE affecting all versions starting from 12.0 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows for an attacker to cause a denial of service using a crafted ...