CVE-2023-1965
- EPSS 0.07%
- Published 03.05.2023 21:15:18
- Last modified 21.11.2024 07:40:14
An issue has been discovered in GitLab EE affecting all versions starting from 14.2 before 15.9.6, all versions starting from 15.10 before 15.10.5, all versions starting from 15.11 before 15.11.1. Lack of verification on RelayState parameter allowed ...
CVE-2023-1265
- EPSS 0.04%
- Published 03.05.2023 21:15:17
- Last modified 21.11.2024 07:38:47
An issue has been discovered in GitLab affecting all versions starting from 11.9 before 15.9.6, all versions starting from 15.10 before 15.10.5, all versions starting from 15.11 before 15.11.1. The condition allows for a privileged attacker, under ce...
CVE-2023-1836
- EPSS 1.22%
- Published 03.05.2023 21:15:17
- Last modified 21.11.2024 07:39:59
A cross-site scripting issue has been discovered in GitLab affecting all versions starting from 5.1 before 15.9.6, all versions starting from 15.10 before 15.10.5, all versions starting from 15.11 before 15.11.1. When viewing an XML file in a reposit...
CVE-2023-0155
- EPSS 0.11%
- Published 03.05.2023 21:15:16
- Last modified 21.11.2024 07:36:39
An issue has been discovered in GitLab CE/EE affecting all versions before 15.8.5, 15.9.4, 15.10.1. Open redirects were possible due to framing arbitrary content on any page allowing user-controlled markdown.
CVE-2023-0485
- EPSS 0.37%
- Published 03.05.2023 21:15:16
- Last modified 21.11.2024 07:37:16
An issue has been discovered in GitLab affecting all versions starting from 13.11 before 15.8.5, all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1. It was possible that a project member demoted to a user r...
CVE-2023-1204
- EPSS 0.38%
- Published 03.05.2023 21:15:16
- Last modified 30.01.2025 16:15:28
An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.1 before 15.10.8, all versions starting from 15.11 before 15.11.7, all versions starting from 16.0 before 16.0.2. A user could use an unverified email as a public em...
CVE-2018-17537
- EPSS 0.24%
- Published 16.04.2023 00:15:07
- Last modified 06.02.2025 17:15:09
An issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. blog-viewer has stored XSS during repository browsing, if package.json exists.
CVE-2019-14942
- EPSS 0.07%
- Published 16.04.2023 00:15:07
- Last modified 06.02.2025 17:15:10
An issue was discovered in GitLab Community and Enterprise Edition before 11.11.8, 12 before 12.0.6, and 12.1 before 12.1.6. Cookies for GitLab Pages (which have access control) could be sent over cleartext HTTP.
CVE-2019-14944
- EPSS 1.38%
- Published 16.04.2023 00:15:07
- Last modified 06.02.2025 17:15:11
An issue was discovered in GitLab Community and Enterprise Edition before 11.11.8, 12 before 12.0.6, and 12.1 before 12.1.6. Gitaly allows injection of command-line flags. This sometimes leads to privilege escalation or remote code execution.
CVE-2018-15472
- EPSS 0.11%
- Published 15.04.2023 23:15:13
- Last modified 10.02.2025 16:15:32
An issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. The diff formatter using rouge can block for a long time in Sidekiq jobs without any timeout.