CVE-2023-0050
- EPSS 78.28%
- Veröffentlicht 09.03.2023 22:15:51
- Zuletzt bearbeitet 21.11.2024 07:36:27
An issue has been discovered in GitLab affecting all versions starting from 13.7 before 15.7.8, all versions starting from 15.8 before 15.8.4, all versions starting from 15.9 before 15.9.2. A specially crafted Kroki diagram could lead to a stored XSS...
CVE-2023-1072
- EPSS 0.31%
- Veröffentlicht 09.03.2023 22:15:51
- Zuletzt bearbeitet 21.11.2024 07:38:24
An issue has been discovered in GitLab affecting all versions starting from 9.0 before 15.7.8, all versions starting from 15.8 before 15.8.4, all versions starting from 15.9 before 15.9.2. It was possible to trigger a resource depletion attack due to...
CVE-2022-3381
- EPSS 0.34%
- Veröffentlicht 09.03.2023 21:15:10
- Zuletzt bearbeitet 21.11.2024 07:19:24
An issue has been discovered in GitLab affecting all versions starting from 10.0 to 15.7.8, 15.8 prior to 15.8.4 and 15.9 prior to 15.9.2. A crafted URL could be used to redirect users to arbitrary sites
CVE-2022-4289
- EPSS 1.41%
- Veröffentlicht 09.03.2023 21:15:10
- Zuletzt bearbeitet 21.11.2024 07:34:56
An issue has been discovered in GitLab affecting all versions starting from 15.3 before 15.7.8, versions of 15.8 before 15.8.4, and version 15.9 before 15.9.2. Google IAP details in Prometheus integration were not hidden, could be leaked from instanc...
CVE-2023-0223
- EPSS 1.22%
- Veröffentlicht 09.03.2023 21:15:10
- Zuletzt bearbeitet 21.11.2024 07:36:46
An issue has been discovered in GitLab affecting all versions starting from 15.5 before 15.7.8, all versions starting from 15.8 before 15.8.4, all versions starting from 15.9 before 15.9.2. Non-project members could retrieve release descriptions via ...
CVE-2022-4462
- EPSS 0.17%
- Veröffentlicht 09.03.2023 20:15:09
- Zuletzt bearbeitet 21.11.2024 07:35:18
An issue has been discovered in GitLab affecting all versions starting from 12.8 before 15.7.8, all versions starting from 15.8 before 15.8.4, all versions starting from 15.9 before 15.9.2. This vulnerability could allow a user to unmask the Discord ...
CVE-2023-0483
- EPSS 0.13%
- Veröffentlicht 09.03.2023 20:15:09
- Zuletzt bearbeitet 21.11.2024 07:37:16
An issue has been discovered in GitLab affecting all versions starting from 12.1 before 15.7.8, all versions starting from 15.8 before 15.8.4, all versions starting from 15.9 before 15.9.2. It was possible for a project maintainer to extract a Datado...
CVE-2023-1084
- EPSS 1.39%
- Veröffentlicht 09.03.2023 20:15:09
- Zuletzt bearbeitet 21.11.2024 07:38:25
An issue has been discovered in GitLab CE/EE affecting all versions before 15.7.8, all versions starting from 15.8 before 15.8.4, all versions starting from 15.9 before 15.9.2. A malicious project Maintainer may create a Project Access Token with Own...
CVE-2022-4007
- EPSS 0.69%
- Veröffentlicht 08.03.2023 23:15:10
- Zuletzt bearbeitet 21.11.2024 07:34:26
A issue has been discovered in GitLab CE/EE affecting all versions from 15.3 prior to 15.7.8, version 15.8 prior to 15.8.4, and version 15.9 prior to 15.9.2 A cross-site scripting vulnerability was found in the title field of work items that allowed ...
CVE-2022-3759
- EPSS 0.65%
- Veröffentlicht 13.02.2023 23:15:11
- Zuletzt bearbeitet 21.03.2025 19:15:39
An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.3 before 15.6.7, all versions starting from 15.7 before 15.7.6, all versions starting from 15.8 before 15.8.1. An attacker may upload a crafted CI job artifact zip f...