Gitlab

Gitlab

1257 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2022-2592

  • EPSS 0.49%
  • Veröffentlicht 17.10.2022 16:15:21
  • Zuletzt bearbeitet 13.05.2025 20:15:22

A lack of length validation in Snippet descriptions in GitLab CE/EE affecting all versions prior to 15.1.6, 15.2 prior to 15.2.4 and 15.3 prior to 15.3.2 allows an authenticated attacker to create a maliciously large Snippet which when requested with...

4.3

CVE-2022-2630

  • EPSS 0.25%
  • Veröffentlicht 17.10.2022 16:15:21
  • Zuletzt bearbeitet 13.05.2025 20:15:22

An improper access control issue in GitLab CE/EE affecting all versions starting from 15.2 before 15.2.4, all versions from 15.3 before 15.3.2 allows disclosure of confidential information via the Incident timeline events.

4.8

CVE-2022-2865

  • EPSS 0.44%
  • Veröffentlicht 17.10.2022 16:15:21
  • Zuletzt bearbeitet 14.05.2025 14:15:23

A cross-site scripting issue has been discovered in GitLab CE/EE affecting all versions before 15.1.6, 15.2 to 15.2.4 and 15.3 prior to 15.3.2. It was possible to exploit a vulnerability in setting the labels colour feature which could lead to a stor...

9.9

CVE-2022-2884

  • EPSS 74.78%
  • Veröffentlicht 17.10.2022 16:15:21
  • Zuletzt bearbeitet 14.05.2025 15:15:48

A vulnerability in GitLab CE/EE affecting all versions from 11.3.4 prior to 15.1.5, 15.2 to 15.2.3, 15.3 to 15.3 to 15.3.1 allows an an authenticated user to achieve remote code execution via the Import from GitHub API endpoint

4.3

CVE-2022-2908

  • EPSS 0.26%
  • Veröffentlicht 17.10.2022 16:15:21
  • Zuletzt bearbeitet 13.05.2025 20:15:22

A potential DoS vulnerability was discovered in Gitlab CE/EE versions starting from 10.7 before 15.1.5, all versions starting from 15.2 before 15.2.3, all versions starting from 15.3 before 15.3.1 allowed an attacker to trigger high CPU usage via a s...

7.5

CVE-2022-2931

  • EPSS 0.31%
  • Veröffentlicht 17.10.2022 16:15:21
  • Zuletzt bearbeitet 13.05.2025 17:15:48

A potential DOS vulnerability was discovered in GitLab CE/EE affecting all versions before 15.1.6, all versions starting from 15.2 before 15.2.4, all versions starting from 15.3 before 15.3.2. Malformed content added to the issue description could ha...

9.9

CVE-2022-2992

  • EPSS 93.81%
  • Veröffentlicht 17.10.2022 16:15:21
  • Zuletzt bearbeitet 14.05.2025 15:15:49

A vulnerability in GitLab CE/EE affecting all versions from 11.10 prior to 15.1.6, 15.2 to 15.2.4, 15.3 to 15.3.2 allows an authenticated user to achieve remote code execution via the Import from GitHub API endpoint.

4.3

CVE-2022-3030

  • EPSS 0.29%
  • Veröffentlicht 17.10.2022 16:15:21
  • Zuletzt bearbeitet 13.05.2025 17:15:49

An improper access control issue in GitLab CE/EE affecting all versions starting before 15.1.6, all versions from 15.2 before 15.2.4, all versions from 15.3 before 15.3.2 allows disclosure of pipeline status to unauthorized users.

7.3

CVE-2022-2428

  • EPSS 0.38%
  • Veröffentlicht 17.10.2022 16:15:20
  • Zuletzt bearbeitet 13.05.2025 20:15:21

A crafted tag in the Jupyter Notebook viewer in GitLab EE/CE affecting all versions before 15.1.6, 15.2 to 15.2.4, and 15.3 to 15.3.2 allows an attacker to issue arbitrary HTTP requests

6.4

CVE-2022-2497

  • EPSS 4.62%
  • Veröffentlicht 05.08.2022 16:15:12
  • Zuletzt bearbeitet 21.11.2024 07:01:07

An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.6 before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1. A malicious developer could exfiltrate an integration'...