Vulnerabilities > Gitlab

DATE CVE VULNERABILITY TITLE RISK
2023-01-26 CVE-2022-4054 Unspecified vulnerability in Gitlab
An issue has been discovered in GitLab affecting all versions starting from 9.3 before 15.4.6, all versions starting from 15.5 before 15.5.5, all versions starting from 15.6 before 15.6.1.
network
low complexity
gitlab
5.5
2023-01-26 CVE-2022-4092 Injection vulnerability in Gitlab 15.6.0
An issue has been discovered in GitLab EE affecting all versions starting from 15.6 before 15.6.1.
network
low complexity
gitlab CWE-74
8.0
2023-01-26 CVE-2022-3902 Unspecified vulnerability in Gitlab
An issue has been discovered in GitLab affecting all versions starting from 9.3 before 15.4.6, all versions starting from 15.5 before 15.5.5, all versions starting from 15.6 before 15.6.1.
network
low complexity
gitlab
6.4
2023-01-26 CVE-2022-3478 Unrestricted Upload of File with Dangerous Type vulnerability in Gitlab
An issue has been discovered in GitLab affecting all versions starting from 12.8 before 15.4.6, all versions starting from 15.5 before 15.5.5, all versions starting from 15.6 before 15.6.1.
network
low complexity
gitlab CWE-434
4.3
2023-01-26 CVE-2022-3482 Unspecified vulnerability in Gitlab
An improper access control issue in GitLab CE/EE affecting all versions from 11.3 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allowed an unauthorized user to see release names even when releases we set to be restricted to project members only
network
low complexity
gitlab
5.3
2023-01-26 CVE-2022-3572 Cross-site Scripting vulnerability in Gitlab
A cross-site scripting issue has been discovered in GitLab CE/EE affecting all versions from 13.5 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2.
network
low complexity
gitlab CWE-79
6.1
2023-01-26 CVE-2022-3740 Incorrect Authorization vulnerability in Gitlab
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.9 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2.
network
low complexity
gitlab CWE-863
4.9
2023-01-26 CVE-2022-3820 Unspecified vulnerability in Gitlab
An issue has been discovered in GitLab affecting all versions starting from 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2.
network
low complexity
gitlab
6.5
2023-01-17 CVE-2022-2251 Command Injection vulnerability in Gitlab Runner
Improper sanitization of branch names in GitLab Runner affecting all versions prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows a user who creates a branch with a specially crafted name and gets another user to trigger a pipeline to execute commands in the runner as that other user.
network
low complexity
gitlab CWE-77
8.0
2023-01-17 CVE-2022-2907 Unspecified vulnerability in Gitlab
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.9 before 15.1.6, all versions starting from 15.2 before 15.2.4, all versions starting from 15.3 before 15.3.2.
network
low complexity
gitlab
6.5