CVE-2022-1935
- EPSS 0.14%
- Published 06.06.2022 17:15:10
- Last modified 21.11.2024 06:41:47
Incorrect authorization in GitLab EE affecting all versions from 12.0 before 14.9.5, all versions starting from 14.10 before 14.10.4, all versions starting from 15.0 before 15.0.1 allowed an attacker already in possession of a valid Project Trigger T...
CVE-2022-1936
- EPSS 0.17%
- Published 06.06.2022 17:15:10
- Last modified 21.11.2024 06:41:47
Incorrect authorization in GitLab EE affecting all versions from 12.0 before 14.9.5, all versions starting from 14.10 before 14.10.4, all versions starting from 15.0 before 15.0.1 allowed an attacker already in possession of a valid Project Deploy To...
CVE-2022-1940
- EPSS 0.18%
- Published 06.06.2022 17:15:10
- Last modified 21.11.2024 06:41:47
A Stored Cross-Site Scripting vulnerability in Jira integration in GitLab EE affecting all versions from 13.11 prior to 14.9.5, 14.10 prior to 14.10.4, and 15.0 prior to 15.0.1 allows an attacker to execute arbitrary JavaScript code in GitLab on a vi...
CVE-2022-1944
- EPSS 0.16%
- Published 06.06.2022 17:15:10
- Last modified 21.11.2024 06:41:48
When the feature is configured, improper authorization in the Interactive Web Terminal in GitLab CE/EE affecting all versions from 11.3 prior to 14.9.5, 14.10 prior to 14.10.4, and 15.0 prior to 15.0.1 allows users with the Developer role to open ter...
CVE-2022-1413
- EPSS 0.21%
- Published 19.05.2022 18:15:09
- Last modified 21.11.2024 06:40:40
Missing input masking in GitLab CE/EE affecting all versions starting from 1.0.2 before 14.8.6, all versions from 14.9.0 before 14.9.4, and all versions from 14.10.0 before 14.10.1 causes potentially sensitive integration properties to be disclosed i...
CVE-2022-1416
- EPSS 0.15%
- Published 19.05.2022 18:15:09
- Last modified 21.11.2024 06:40:41
Missing sanitization of data in Pipeline error messages in GitLab CE/EE affecting all versions starting from 1.0.2 before 14.8.6, all versions from 14.9.0 before 14.9.4, and all versions from 14.10.0 before 14.10.1 allows for rendering of attacker co...
CVE-2022-1423
- EPSS 0.09%
- Published 19.05.2022 18:15:09
- Last modified 21.11.2024 06:40:42
Improper access control in the CI/CD cache mechanism in GitLab CE/EE affecting all versions starting from 1.0.2 before 14.8.6, all versions from 14.9.0 before 14.9.4, and all versions from 14.10.0 before 14.10.1 allows a malicious actor with Develope...
CVE-2022-1433
- EPSS 0.23%
- Published 11.05.2022 15:15:09
- Last modified 21.11.2024 06:40:43
An issue has been discovered in GitLab affecting all versions starting from 14.4 before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1. Missing invalidation of Markdown caching causes potential ...
CVE-2022-1460
- EPSS 0.26%
- Published 11.05.2022 15:15:09
- Last modified 21.11.2024 06:40:45
An issue has been discovered in GitLab affecting all versions starting from 9.2 before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1. GitLab was not performing correct authorizations on schedul...
CVE-2022-1510
- EPSS 0.22%
- Published 11.05.2022 15:15:09
- Last modified 21.11.2024 06:40:52
An issue has been discovered in GitLab affecting all versions starting from 13.9 before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1. GitLab was not correctly handling malicious text in the CI...