CVE-2022-2244
- EPSS 0.24%
- Published 01.07.2022 16:15:08
- Last modified 21.11.2024 07:00:36
An improper authorization vulnerability in GitLab EE/CE affecting all versions from 14.8 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1, allows project members with reporter role to manage issues in project's error tracking feature...
CVE-2022-2250
- EPSS 0.35%
- Published 01.07.2022 16:15:08
- Last modified 21.11.2024 07:00:37
An open redirect vulnerability in GitLab EE/CE affecting all versions from 11.1 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1, allows an attacker to redirect users to an arbitrary location if they trust the URL.
CVE-2022-2281
- EPSS 0.28%
- Published 01.07.2022 16:15:08
- Last modified 21.11.2024 07:00:40
An information disclosure vulnerability in GitLab EE affecting all versions from 12.5 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1, allows disclosure of release titles if group milestones are associated with any project releases.
CVE-2022-1680
- EPSS 11.62%
- Published 06.06.2022 18:15:08
- Last modified 21.11.2024 06:41:14
An account takeover issue has been discovered in GitLab EE affecting all versions starting from 11.10 before 14.9.5, all versions starting from 14.10 before 14.10.4, all versions starting from 15.0 before 15.0.1. When group SAML SSO is configured, th...
- EPSS 1.08%
- Published 06.06.2022 17:15:10
- Last modified 21.11.2024 06:41:27
An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.3 before 14.9.5, all versions starting from 14.10 before 14.10.4, all versions starting from 15.0 before 15.0.1. It may be possible for malicious group maintainers t...
CVE-2022-1821
- EPSS 0.27%
- Published 06.06.2022 17:15:10
- Last modified 21.11.2024 06:41:32
An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.8 before 14.9.5, all versions starting from 14.10 before 14.10.4, all versions starting from 15.0 before 15.0.1. It may be possible for a subgroup member to access t...
CVE-2022-1935
- EPSS 0.14%
- Published 06.06.2022 17:15:10
- Last modified 21.11.2024 06:41:47
Incorrect authorization in GitLab EE affecting all versions from 12.0 before 14.9.5, all versions starting from 14.10 before 14.10.4, all versions starting from 15.0 before 15.0.1 allowed an attacker already in possession of a valid Project Trigger T...
CVE-2022-1936
- EPSS 0.17%
- Published 06.06.2022 17:15:10
- Last modified 21.11.2024 06:41:47
Incorrect authorization in GitLab EE affecting all versions from 12.0 before 14.9.5, all versions starting from 14.10 before 14.10.4, all versions starting from 15.0 before 15.0.1 allowed an attacker already in possession of a valid Project Deploy To...
CVE-2022-1940
- EPSS 1%
- Published 06.06.2022 17:15:10
- Last modified 21.11.2024 06:41:47
A Stored Cross-Site Scripting vulnerability in Jira integration in GitLab EE affecting all versions from 13.11 prior to 14.9.5, 14.10 prior to 14.10.4, and 15.0 prior to 15.0.1 allows an attacker to execute arbitrary JavaScript code in GitLab on a vi...
CVE-2022-1944
- EPSS 0.16%
- Published 06.06.2022 17:15:10
- Last modified 21.11.2024 06:41:48
When the feature is configured, improper authorization in the Interactive Web Terminal in GitLab CE/EE affecting all versions from 11.3 prior to 14.9.5, 14.10 prior to 14.10.4, and 15.0 prior to 15.0.1 allows users with the Developer role to open ter...