Vulnerabilities > Gitlab > Gitlab > 11.11

DATE CVE VULNERABILITY TITLE RISK
2023-05-03 CVE-2023-1265 Session Fixation vulnerability in Gitlab
An issue has been discovered in GitLab affecting all versions starting from 11.9 before 15.9.6, all versions starting from 15.10 before 15.10.5, all versions starting from 15.11 before 15.11.1.
network
low complexity
gitlab CWE-384
4.5
4.5
2023-05-03 CVE-2023-1836 Cross-site Scripting vulnerability in Gitlab
A cross-site scripting issue has been discovered in GitLab affecting all versions starting from 5.1 before 15.9.6, all versions starting from 15.10 before 15.10.5, all versions starting from 15.11 before 15.11.1.
network
low complexity
gitlab CWE-79
5.4
5.4
2023-05-03 CVE-2023-2069 Exposure of Resource to Wrong Sphere vulnerability in Gitlab
An issue has been discovered in GitLab affecting all versions starting from 10.0 before 12.9.8, all versions starting from 12.10 before 12.10.7, all versions starting from 13.0 before 13.0.1.
network
low complexity
gitlab CWE-668
4.3
4.3
2023-04-16 CVE-2019-14942 Cleartext Transmission of Sensitive Information vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition before 11.11.8, 12 before 12.0.6, and 12.1 before 12.1.6.
network
high complexity
gitlab CWE-319
5.9
5.9
2023-04-16 CVE-2019-14944 Command Injection vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition before 11.11.8, 12 before 12.0.6, and 12.1 before 12.1.6.
network
low complexity
gitlab CWE-77
6.5
6.5
2023-03-09 CVE-2023-1072 Resource Exhaustion vulnerability in Gitlab
An issue has been discovered in GitLab affecting all versions starting from 9.0 before 15.7.8, all versions starting from 15.8 before 15.8.4, all versions starting from 15.9 before 15.9.2.
network
low complexity
gitlab CWE-400
5.3
5.3
2023-03-09 CVE-2022-3381 Open Redirect vulnerability in Gitlab
An issue has been discovered in GitLab affecting all versions starting from 10.0 to 15.7.8, 15.8 prior to 15.8.4 and 15.9 prior to 15.9.2.
network
low complexity
gitlab CWE-601
6.1
6.1
2023-03-09 CVE-2023-1084 Unspecified vulnerability in Gitlab
An issue has been discovered in GitLab CE/EE affecting all versions before 15.7.8, all versions starting from 15.8 before 15.8.4, all versions starting from 15.9 before 15.9.2.
network
low complexity
gitlab
2.7
2.7
2023-02-13 CVE-2022-4138 Cross-Site Request Forgery (CSRF) vulnerability in Gitlab
A Cross Site Request Forgery issue has been discovered in GitLab CE/EE affecting all versions before 15.6.7, all versions starting from 15.7 before 15.7.6, and all versions starting from 15.8 before 15.8.1.
network
low complexity
gitlab CWE-352
8.1
8.1
2023-01-27 CVE-2022-4201 Server-Side Request Forgery (SSRF) vulnerability in Gitlab
A blind SSRF in GitLab CE/EE affecting all from 11.3 prior to 15.4.6, 15.5 prior to 15.5.5, and 15.6 prior to 15.6.1 allows an attacker to connect to local addresses when configuring a malicious GitLab Runner.
network
low complexity
gitlab CWE-918
5.3
5.3