Gitlab

GitLab

1271 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2022-4335

Exploit
  • EPSS 0.3%
  • Veröffentlicht 27.01.2023 18:15:16
  • Zuletzt bearbeitet 28.03.2025 15:15:42

A blind SSRF vulnerability was identified in all versions of GitLab EE prior to 15.4.6, 15.5 prior to 15.5.5, and 15.6 prior to 15.6.1 which allows an attacker to connect to a local host.

5.5

CVE-2022-4054

Exploit
  • EPSS 0.23%
  • Veröffentlicht 26.01.2023 21:18:06
  • Zuletzt bearbeitet 02.04.2025 16:15:23

An issue has been discovered in GitLab affecting all versions starting from 9.3 before 15.4.6, all versions starting from 15.5 before 15.5.5, all versions starting from 15.6 before 15.6.1. It was possible for a project maintainer to leak a webhook se...

8

CVE-2022-4092

Exploit
  • EPSS 5.05%
  • Veröffentlicht 26.01.2023 21:18:06
  • Zuletzt bearbeitet 01.04.2025 18:15:29

An issue has been discovered in GitLab EE affecting all versions starting from 15.6 before 15.6.1. It was possible to create a malicious README page due to improper neutralisation of user supplied input.

6.4

CVE-2022-3902

Exploit
  • EPSS 0.22%
  • Veröffentlicht 26.01.2023 21:16:02
  • Zuletzt bearbeitet 02.04.2025 15:15:46

An issue has been discovered in GitLab affecting all versions starting from 9.3 before 15.4.6, all versions starting from 15.5 before 15.5.5, all versions starting from 15.6 before 15.6.1. It was possible for a project maintainer to unmask webhook se...

4.9

CVE-2022-3740

  • EPSS 0.19%
  • Veröffentlicht 26.01.2023 21:15:58
  • Zuletzt bearbeitet 02.04.2025 15:15:45

An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.9 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2. A group owner may be able to bypass External Authorization check, if it is enabled, to access git ...

6.5

CVE-2022-3820

Exploit
  • EPSS 0.12%
  • Veröffentlicht 26.01.2023 21:15:58
  • Zuletzt bearbeitet 02.04.2025 15:15:46

An issue has been discovered in GitLab affecting all versions starting from 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2. GitLab was not performing correct authentication with some Package Registries when IP address restrictions were configured, al...

6.1

CVE-2022-3572

Exploit
  • EPSS 11.25%
  • Veröffentlicht 26.01.2023 21:15:54
  • Zuletzt bearbeitet 02.04.2025 15:15:45

A cross-site scripting issue has been discovered in GitLab CE/EE affecting all versions from 13.5 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2. It was possible to exploit a vulnerability in setting the Jira Connect integration whic...

4.3

CVE-2022-3478

Exploit
  • EPSS 0.2%
  • Veröffentlicht 26.01.2023 21:15:51
  • Zuletzt bearbeitet 02.04.2025 15:15:45

An issue has been discovered in GitLab affecting all versions starting from 12.8 before 15.4.6, all versions starting from 15.5 before 15.5.5, all versions starting from 15.6 before 15.6.1. It was possible to trigger a DoS attack by uploading a malic...

5.3

CVE-2022-3482

Exploit
  • EPSS 0.37%
  • Veröffentlicht 26.01.2023 21:15:51
  • Zuletzt bearbeitet 21.11.2024 07:19:37

An improper access control issue in GitLab CE/EE affecting all versions from 11.3 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allowed an unauthorized user to see release names even when releases we set to be restricted to project ...

6.5

CVE-2022-2907

  • EPSS 0.62%
  • Veröffentlicht 17.01.2023 21:15:12
  • Zuletzt bearbeitet 04.04.2025 18:15:41

An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.9 before 15.1.6, all versions starting from 15.2 before 15.2.4, all versions starting from 15.3 before 15.3.2. It was possible to read repository content by an unaut...