Gitlab

GitLab

1271 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2023-1071

  • EPSS 0.06%
  • Veröffentlicht 05.04.2023 21:15:07
  • Zuletzt bearbeitet 10.02.2025 21:15:13

An issue has been discovered in GitLab affecting all versions from 15.5 before 15.8.5, all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1. Due to improper permissions checks it was possible for an unauthori...

5.3

CVE-2023-1167

  • EPSS 0.21%
  • Veröffentlicht 05.04.2023 21:15:07
  • Zuletzt bearbeitet 10.02.2025 21:15:14

Improper authorization in Gitlab EE affecting all versions from 12.3.0 before 15.8.5, all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1 allows an unauthorized access to security reports in MR.

4.3

CVE-2023-1417

  • EPSS 0.42%
  • Veröffentlicht 05.04.2023 21:15:07
  • Zuletzt bearbeitet 11.02.2025 16:15:31

An issue has been discovered in GitLab affecting all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1. It was possible for an unauthorised user to add child epics linked to victim's epic in an unrelated group...

9.8

CVE-2023-1708

  • EPSS 6.43%
  • Veröffentlicht 05.04.2023 21:15:07
  • Zuletzt bearbeitet 10.02.2025 21:15:14

An issue was identified in GitLab CE/EE affecting all versions from 1.0 prior to 15.8.5, 15.9 prior to 15.9.4, and 15.10 prior to 15.10.1 where non-printable characters gets copied from clipboard, allowing unexpected commands to be executed on victim...

5.3

CVE-2023-1710

  • EPSS 1.76%
  • Veröffentlicht 05.04.2023 21:15:07
  • Zuletzt bearbeitet 10.02.2025 21:15:14

A sensitive information disclosure vulnerability in GitLab affecting all versions from 15.0 prior to 15.8.5, 15.9 prior to 15.9.4 and 15.10 prior to 15.10.1 allows an attacker to view the count of internal notes for a given issue.

5.3

CVE-2023-1787

  • EPSS 0.3%
  • Veröffentlicht 05.04.2023 21:15:07
  • Zuletzt bearbeitet 10.02.2025 21:15:15

An issue has been discovered in GitLab affecting all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1. A search timeout could be triggered if a specific HTML payload was used in the issue description.

3.7

CVE-2022-3375

  • EPSS 0.42%
  • Veröffentlicht 05.04.2023 20:15:07
  • Zuletzt bearbeitet 10.02.2025 22:15:30

An issue has been discovered in GitLab affecting all versions starting from 11.10 before 15.8.5, all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1. It was possible to disclose the branch names when attacke...

6.1

CVE-2022-3513

  • EPSS 24.96%
  • Veröffentlicht 05.04.2023 20:15:07
  • Zuletzt bearbeitet 11.02.2025 17:15:12

An issue has been discovered in GitLab affecting all versions starting from 12.8 before 15.8.5, all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1. A specially crafted payload could lead to a reflected XSS ...

5.3

CVE-2023-0319

  • EPSS 0.42%
  • Veröffentlicht 05.04.2023 20:15:07
  • Zuletzt bearbeitet 11.02.2025 17:15:14

An issue has been discovered in GitLab affecting all versions starting from 13.6 before 15.8.5, all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1, allowing to read environment names supposed to be restrict...

6.1

CVE-2023-0523

  • EPSS 19.61%
  • Veröffentlicht 05.04.2023 20:15:07
  • Zuletzt bearbeitet 10.02.2025 22:15:30

An issue has been discovered in GitLab affecting all versions starting from 15.6 before 15.8.5, 15.9 before 15.9.4, and 15.10 before 15.10.1. An XSS was possible via a malicious email address for certain instances.