Gitlab

1257 vulnerabilities found.

Note: This list may be incomplete. Data is provided without warranty in its original format.
  • EPSS 0.95%
  • Published 01.12.2023 07:15:13
  • Last modified 21.11.2024 08:43:00

Improper neutralization of input in Jira integration configuration in GitLab CE/EE, affecting all versions from 15.10 prior to 16.6.1, 16.5 prior to 16.5.3, and 16.4 prior to 16.4.3, allows an attacker to execute JavaScript in a victim's browser.

  • EPSS 0.08%
  • Published 01.12.2023 07:15:12
  • Last modified 21.11.2024 08:41:19

An issue has been discovered in GitLab affecting all versions before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. Under certain circumstances, a malicious actor bypass prohibited branch checks ...

  • EPSS 0.05%
  • Published 01.12.2023 07:15:11
  • Last modified 21.11.2024 08:36:15

An issue has been discovered in GitLab EE affecting all versions starting from 10.5 before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. It was possible for an attacker to cause a client-side de...

  • EPSS 0.05%
  • Published 01.12.2023 07:15:10
  • Last modified 21.11.2024 08:34:50

An issue has been discovered in GitLab affecting all versions starting from 9.2 before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. It was possible for a user with the Developer role to update ...

  • EPSS 0.05%
  • Published 01.12.2023 07:15:10
  • Last modified 21.11.2024 08:35:37

An issue has been discovered in GitLab EE affecting all versions starting from 8.13 before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. It was possible for an attacker to abuse the `Allowed to ...

  • EPSS 0.09%
  • Published 01.12.2023 07:15:09
  • Last modified 21.11.2024 08:18:24

An issue has been discovered in GitLab affecting all versions starting from 13.2 before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. It was possible for users to access composer packages on pub...

  • EPSS 0.11%
  • Published 01.12.2023 07:15:08
  • Last modified 21.11.2024 08:18:23

An issue has been discovered in GitLab affecting all versions starting from 11.3 before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. It was possible for unauthorized users to view a public proj...

  • EPSS 0.06%
  • Published 01.12.2023 07:15:07
  • Last modified 21.11.2024 08:17:16

An issue has been discovered in GitLab affecting all versions starting from 12.1 before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. It was possible for a Guest user to add an emoji on confiden...

  • EPSS 0.01%
  • Published 09.11.2023 21:15:24
  • Last modified 21.11.2024 08:34:58

An issue has been discovered in GitLab EE affecting all versions starting from 15.3 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1. Code owner approval was not removed from merge requests when the target branch was updated.

  • EPSS 0.01%
  • Published 06.11.2023 18:15:08
  • Last modified 21.11.2024 08:35:43

An authorization issue in GitLab EE affecting all versions from 14.7 prior to 16.3.6, 16.4 prior to 16.4.2, and 16.5 prior to 16.5.1 allowed a user to run jobs in protected environments, bypassing any required approvals.