CVE-2022-4331
- EPSS 0.32%
- Veröffentlicht 09.03.2023 22:15:51
- Zuletzt bearbeitet 28.02.2025 18:15:25
An issue has been discovered in GitLab EE affecting all versions starting from 15.1 before 15.7.8, all versions starting from 15.8 before 15.8.4, all versions starting from 15.9 before 15.9.2. If a group with SAML SSO enabled is transferred to a new ...
CVE-2023-0050
- EPSS 59.63%
- Veröffentlicht 09.03.2023 22:15:51
- Zuletzt bearbeitet 21.11.2024 07:36:27
An issue has been discovered in GitLab affecting all versions starting from 13.7 before 15.7.8, all versions starting from 15.8 before 15.8.4, all versions starting from 15.9 before 15.9.2. A specially crafted Kroki diagram could lead to a stored XSS...
CVE-2023-1072
- EPSS 0.43%
- Veröffentlicht 09.03.2023 22:15:51
- Zuletzt bearbeitet 21.11.2024 07:38:24
An issue has been discovered in GitLab affecting all versions starting from 9.0 before 15.7.8, all versions starting from 15.8 before 15.8.4, all versions starting from 15.9 before 15.9.2. It was possible to trigger a resource depletion attack due to...
CVE-2022-3381
- EPSS 0.54%
- Veröffentlicht 09.03.2023 21:15:10
- Zuletzt bearbeitet 21.11.2024 07:19:24
An issue has been discovered in GitLab affecting all versions starting from 10.0 to 15.7.8, 15.8 prior to 15.8.4 and 15.9 prior to 15.9.2. A crafted URL could be used to redirect users to arbitrary sites
CVE-2022-4289
- EPSS 2.95%
- Veröffentlicht 09.03.2023 21:15:10
- Zuletzt bearbeitet 21.11.2024 07:34:56
An issue has been discovered in GitLab affecting all versions starting from 15.3 before 15.7.8, versions of 15.8 before 15.8.4, and version 15.9 before 15.9.2. Google IAP details in Prometheus integration were not hidden, could be leaked from instanc...
CVE-2023-0223
- EPSS 2.69%
- Veröffentlicht 09.03.2023 21:15:10
- Zuletzt bearbeitet 21.11.2024 07:36:46
An issue has been discovered in GitLab affecting all versions starting from 15.5 before 15.7.8, all versions starting from 15.8 before 15.8.4, all versions starting from 15.9 before 15.9.2. Non-project members could retrieve release descriptions via ...
CVE-2022-4462
- EPSS 0.39%
- Veröffentlicht 09.03.2023 20:15:09
- Zuletzt bearbeitet 21.11.2024 07:35:18
An issue has been discovered in GitLab affecting all versions starting from 12.8 before 15.7.8, all versions starting from 15.8 before 15.8.4, all versions starting from 15.9 before 15.9.2. This vulnerability could allow a user to unmask the Discord ...
CVE-2023-0483
- EPSS 0.42%
- Veröffentlicht 09.03.2023 20:15:09
- Zuletzt bearbeitet 21.11.2024 07:37:16
An issue has been discovered in GitLab affecting all versions starting from 12.1 before 15.7.8, all versions starting from 15.8 before 15.8.4, all versions starting from 15.9 before 15.9.2. It was possible for a project maintainer to extract a Datado...
CVE-2023-1084
- EPSS 3.93%
- Veröffentlicht 09.03.2023 20:15:09
- Zuletzt bearbeitet 21.11.2024 07:38:25
An issue has been discovered in GitLab CE/EE affecting all versions before 15.7.8, all versions starting from 15.8 before 15.8.4, all versions starting from 15.9 before 15.9.2. A malicious project Maintainer may create a Project Access Token with Own...
CVE-2022-4007
- EPSS 1.05%
- Veröffentlicht 08.03.2023 23:15:10
- Zuletzt bearbeitet 21.11.2024 07:34:26
A issue has been discovered in GitLab CE/EE affecting all versions from 15.3 prior to 15.7.8, version 15.8 prior to 15.8.4, and version 15.9 prior to 15.9.2 A cross-site scripting vulnerability was found in the title field of work items that allowed ...