Gitlab

GitLab

1271 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2023-0921

  • EPSS 20.03%
  • Veröffentlicht 06.06.2023 17:15:12
  • Zuletzt bearbeitet 05.05.2025 14:12:29

A lack of length validation in GitLab CE/EE affecting all versions from 8.3 before 15.10.8, 15.11 before 15.11.7, and 16.0 before 16.0.2 allows an authenticated attacker to create a large Issue description via GraphQL which, when repeatedly requested...

7.5

CVE-2023-2825

  • EPSS 93.07%
  • Veröffentlicht 26.05.2023 21:15:16
  • Zuletzt bearbeitet 15.01.2025 16:15:26

An issue has been discovered in GitLab CE/EE affecting only version 16.0.0. An unauthenticated malicious user can use a path traversal vulnerability to read arbitrary files on the server when an attachment exists in a public project nested within at ...

6.5

CVE-2023-2181

  • EPSS 0.44%
  • Veröffentlicht 12.05.2023 21:15:09
  • Zuletzt bearbeitet 21.11.2024 07:58:05

An issue has been discovered in GitLab affecting all versions before 15.9.8, 15.10.0 before 15.10.7, and 15.11.0 before 15.11.3. A malicious developer could use a git feature called refs/replace to smuggle content into a merge request which would not...

6.5

CVE-2023-2478

  • EPSS 0.41%
  • Veröffentlicht 08.05.2023 21:15:10
  • Zuletzt bearbeitet 29.01.2025 18:15:44

An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 15.9.7, all versions starting from 15.10 before 15.10.6, all versions starting from 15.11 before 15.11.2. Under certain conditions, a malicious unauthorized...

8.8

CVE-2023-2182

Exploit
  • EPSS 0.4%
  • Veröffentlicht 03.05.2023 22:15:19
  • Zuletzt bearbeitet 21.11.2024 07:58:05

An issue has been discovered in GitLab EE affecting all versions starting from 15.10 before 15.10.5, all versions starting from 15.11 before 15.11.1. Under certain conditions when OpenID Connect is enabled on an instance, it may allow users who are m...

5.7

CVE-2023-1178

  • EPSS 4.15%
  • Veröffentlicht 03.05.2023 22:15:17
  • Zuletzt bearbeitet 21.11.2024 07:38:36

An issue has been discovered in GitLab CE/EE affecting all versions from 8.6 before 15.9.6, all versions starting from 15.10 before 15.10.5, all versions starting from 15.11 before 15.11.1. File integrity may be compromised when source code or instal...

8

CVE-2023-0756

  • EPSS 0.26%
  • Veröffentlicht 03.05.2023 22:15:16
  • Zuletzt bearbeitet 21.11.2024 07:37:45

An issue has been discovered in GitLab affecting all versions before 15.9.6, all versions starting from 15.10 before 15.10.5, all versions starting from 15.11 before 15.11.1. The main branch of a repository with a specially crafted name allows an att...

8.1

CVE-2023-0805

  • EPSS 0.07%
  • Veröffentlicht 03.05.2023 22:15:16
  • Zuletzt bearbeitet 12.02.2025 16:15:34

An issue has been discovered in GitLab EE affecting all versions starting from 15.2 before 15.9.6, all versions starting from 15.10 before 15.10.5, all versions starting from 15.11 before 15.11.1. A malicious group member may continue to have access ...

4.3

CVE-2022-4376

  • EPSS 0.16%
  • Veröffentlicht 03.05.2023 22:15:15
  • Zuletzt bearbeitet 21.11.2024 07:35:09

An issue has been discovered in GitLab affecting all versions before 15.9.6, all versions starting from 15.10 before 15.10.5, all versions starting from 15.11 before 15.11.1. Under certain conditions, an attacker may be able to map a private email of...

4.3

CVE-2023-2069

  • EPSS 0.11%
  • Veröffentlicht 03.05.2023 21:15:21
  • Zuletzt bearbeitet 21.11.2024 07:57:52

An issue has been discovered in GitLab affecting all versions starting from 10.0 before 12.9.8, all versions starting from 12.10 before 12.10.7, all versions starting from 13.0 before 13.0.1. A user with the role of developer could use the import pro...