Vulnerabilities > Gitlab
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-26 | CVE-2022-4054 | Unspecified vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions starting from 9.3 before 15.4.6, all versions starting from 15.5 before 15.5.5, all versions starting from 15.6 before 15.6.1. | 5.5 |
| 2023-01-26 | CVE-2022-4092 | Injection vulnerability in Gitlab 15.6.0 An issue has been discovered in GitLab EE affecting all versions starting from 15.6 before 15.6.1. | 8.0 |
| 2023-01-26 | CVE-2022-3902 | Unspecified vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions starting from 9.3 before 15.4.6, all versions starting from 15.5 before 15.5.5, all versions starting from 15.6 before 15.6.1. | 6.4 |
| 2023-01-26 | CVE-2022-3478 | Unrestricted Upload of File with Dangerous Type vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions starting from 12.8 before 15.4.6, all versions starting from 15.5 before 15.5.5, all versions starting from 15.6 before 15.6.1. | 4.3 |
| 2023-01-26 | CVE-2022-3482 | Unspecified vulnerability in Gitlab An improper access control issue in GitLab CE/EE affecting all versions from 11.3 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allowed an unauthorized user to see release names even when releases we set to be restricted to project members only | 5.3 |
| 2023-01-26 | CVE-2022-3572 | Cross-site Scripting vulnerability in Gitlab A cross-site scripting issue has been discovered in GitLab CE/EE affecting all versions from 13.5 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2. | 6.1 |
| 2023-01-26 | CVE-2022-3740 | Incorrect Authorization vulnerability in Gitlab An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.9 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2. | 4.9 |
| 2023-01-26 | CVE-2022-3820 | Unspecified vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions starting from 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2. | 6.5 |
| 2023-01-17 | CVE-2022-2251 | Command Injection vulnerability in Gitlab Runner Improper sanitization of branch names in GitLab Runner affecting all versions prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows a user who creates a branch with a specially crafted name and gets another user to trigger a pipeline to execute commands in the runner as that other user. | 8.0 |
| 2023-01-17 | CVE-2022-2907 | Unspecified vulnerability in Gitlab An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.9 before 15.1.6, all versions starting from 15.2 before 15.2.4, all versions starting from 15.3 before 15.3.2. | 6.5 |