Gitlab

GitLab

1271 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
3.5

CVE-2023-3511

  • EPSS 0.02%
  • Veröffentlicht 15.12.2023 16:15:43
  • Zuletzt bearbeitet 21.11.2024 08:17:25

An issue has been discovered in GitLab EE affecting all versions starting from 8.17 before 16.4.4, all versions starting from 16.5 before 16.5.4, all versions starting from 16.6 before 16.6.2. It was possible for auditor users to fork and submit merg...

7.5

CVE-2023-3904

  • EPSS 0.02%
  • Veröffentlicht 15.12.2023 16:15:43
  • Zuletzt bearbeitet 21.11.2024 08:18:19

An issue has been discovered in GitLab EE affecting all versions starting before 16.4.4, all versions starting from 16.5 before 16.5.4, all versions starting from 16.6 before 16.6.2. It was possible to overflow the time spent on an issue that altered...

8.1

CVE-2023-5332

Exploit
  • EPSS 0.02%
  • Veröffentlicht 04.12.2023 07:15:07
  • Zuletzt bearbeitet 21.11.2024 08:41:33

Patch in third party library Consul requires 'enable-script-checks' to be set to False. This was required to enable a patch by the vendor. Without this setting the patch could be bypassed. This only affects GitLab-EE.

7.5

CVE-2023-5995

  • EPSS 0.04%
  • Veröffentlicht 01.12.2023 07:15:13
  • Zuletzt bearbeitet 21.11.2024 08:42:56

An issue has been discovered in GitLab EE affecting all versions starting from 16.2 before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. It was possible for an attacker to abuse the policy bot t...

5.4

CVE-2023-6033

  • EPSS 1.24%
  • Veröffentlicht 01.12.2023 07:15:13
  • Zuletzt bearbeitet 21.11.2024 08:43:00

Improper neutralization of input in Jira integration configuration in GitLab CE/EE, affecting all versions from 15.10 prior to 16.6.1, 16.5 prior to 16.5.3, and 16.4 prior to 16.4.3 allows attacker to execute javascript in victim's browser.

7.5

CVE-2023-5226

  • EPSS 0.08%
  • Veröffentlicht 01.12.2023 07:15:12
  • Zuletzt bearbeitet 21.11.2024 08:41:19

An issue has been discovered in GitLab affecting all versions before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. Under certain circumstances, a malicious actor bypass prohibited branch checks ...

6.5

CVE-2023-4912

  • EPSS 0.06%
  • Veröffentlicht 01.12.2023 07:15:11
  • Zuletzt bearbeitet 21.11.2024 08:36:15

An issue has been discovered in GitLab EE affecting all versions starting from 10.5 before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. It was possible for an attacker to cause a client-side de...

4.3

CVE-2023-4317

  • EPSS 0.05%
  • Veröffentlicht 01.12.2023 07:15:10
  • Zuletzt bearbeitet 21.11.2024 08:34:50

An issue has been discovered in GitLab affecting all versions starting from 9.2 before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. It was possible for a user with the Developer role to update ...

3.1

CVE-2023-4658

  • EPSS 0.05%
  • Veröffentlicht 01.12.2023 07:15:10
  • Zuletzt bearbeitet 21.11.2024 08:35:37

An issue has been discovered in GitLab EE affecting all versions starting from 8.13 before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. It was possible for an attacker to abuse the `Allowed to ...

4.3

CVE-2023-3964

  • EPSS 0.09%
  • Veröffentlicht 01.12.2023 07:15:09
  • Zuletzt bearbeitet 21.11.2024 08:18:24

An issue has been discovered in GitLab affecting all versions starting from 13.2 before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. It was possible for users to access composer packages on pub...