Gitlab

Gitlab

1257 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2022-3819

  • EPSS 0.11%
  • Veröffentlicht 10.11.2022 00:15:22
  • Zuletzt bearbeitet 01.05.2025 20:15:34

An improper authorization issue in GitLab CE/EE affecting all versions from 15.0 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows a malicious users to set emojis on internal notes they don't have access to.

4.3

CVE-2022-3413

  • EPSS 0.18%
  • Veröffentlicht 10.11.2022 00:15:20
  • Zuletzt bearbeitet 01.05.2025 16:15:22

Incorrect authorization during display of Audit Events in GitLab EE affecting all versions from 14.5 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2, allowed Developers to view the project's Audit Events and Developers or Maintainers ...

7.5

CVE-2022-3285

  • EPSS 0.35%
  • Veröffentlicht 09.11.2022 23:15:14
  • Zuletzt bearbeitet 21.11.2024 07:19:13

Bypass of healthcheck endpoint allow list affecting all versions from 12.0 prior to 15.2.5, 15.3 prior to 15.3.4, and 15.4 prior to 15.4.1 allows an unauthorized attacker to prevent access to GitLab

5.4

CVE-2022-3483

  • EPSS 0.33%
  • Veröffentlicht 09.11.2022 23:15:14
  • Zuletzt bearbeitet 21.11.2024 07:19:37

An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.1 before 15.3.5, all versions starting from 15.4 before 15.4.4, all versions starting from 15.5 before 15.5.2. A malicious maintainer could exfiltrate a Datadog inte...

6.1

CVE-2022-3486

  • EPSS 0.38%
  • Veröffentlicht 09.11.2022 23:15:14
  • Zuletzt bearbeitet 01.05.2025 20:15:33

An open redirect vulnerability in GitLab EE/CE affecting all versions from 9.3 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2, allows an attacker to redirect users to an arbitrary location if they trust the URL.

5.4

CVE-2022-3265

  • EPSS 15.47%
  • Veröffentlicht 09.11.2022 23:15:13
  • Zuletzt bearbeitet 01.05.2025 20:15:32

A cross-site scripting issue has been discovered in GitLab CE/EE affecting all versions prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2. It was possible to exploit a vulnerability in setting the labels colour feature which could lead ...

6.1

CVE-2022-3280

  • EPSS 0.17%
  • Veröffentlicht 09.11.2022 23:15:13
  • Zuletzt bearbeitet 01.05.2025 20:15:32

An open redirect in GitLab CE/EE affecting all versions from 10.1 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows an attacker to trick users into visiting a trustworthy URL and being redirected to arbitrary content.

5.3

CVE-2022-2761

  • EPSS 0.28%
  • Veröffentlicht 09.11.2022 23:15:09
  • Zuletzt bearbeitet 21.11.2024 07:01:39

An information disclosure issue in GitLab CE/EE affecting all versions from 14.4 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows an attacker to use GitLab Flavored Markdown (GFM) references in a Jira issue to disclose the names...

5.4

CVE-2022-2904

  • EPSS 4.92%
  • Veröffentlicht 02.11.2022 20:15:09
  • Zuletzt bearbeitet 02.05.2025 19:15:49

A cross-site scripting issue has been discovered in GitLab CE/EE affecting all versions starting from 15.2 before 15.2.5, all versions starting from 15.3 before 15.3.4, all versions starting from 15.4 before 15.4.1 It was possible to exploit a vulner...

9.8

CVE-2022-2826

  • EPSS 0.51%
  • Veröffentlicht 28.10.2022 22:15:09
  • Zuletzt bearbeitet 07.05.2025 16:15:19

An issue has been discovered in GitLab affecting all versions starting from 10.0 before 12.9.8, all versions starting from 12.10 before 12.10.7, all versions starting from 13.0 before 13.0.1. TODO