Vulnerabilities > Gitlab > Gitlab > 12.8.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-03 | CVE-2023-1265 | Session Fixation vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions starting from 11.9 before 15.9.6, all versions starting from 15.10 before 15.10.5, all versions starting from 15.11 before 15.11.1. | 4.5 |
| 2023-05-03 | CVE-2023-1836 | Cross-site Scripting vulnerability in Gitlab A cross-site scripting issue has been discovered in GitLab affecting all versions starting from 5.1 before 15.9.6, all versions starting from 15.10 before 15.10.5, all versions starting from 15.11 before 15.11.1. | 5.4 |
| 2023-05-03 | CVE-2023-2069 | Exposure of Resource to Wrong Sphere vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions starting from 10.0 before 12.9.8, all versions starting from 12.10 before 12.10.7, all versions starting from 13.0 before 13.0.1. | 4.3 |
| 2023-04-05 | CVE-2023-0450 | Unspecified vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions starting from 8.1 to 15.8.5, and from 15.9 to 15.9.4, and from 15.10 to 15.10.1. | 4.6 |
| 2023-04-05 | CVE-2023-1167 | Missing Authorization vulnerability in Gitlab Improper authorization in Gitlab EE affecting all versions from 12.3.0 before 15.8.5, all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1 allows an unauthorized access to security reports in MR. | 5.3 |
| 2023-04-05 | CVE-2023-1708 | Command Injection vulnerability in Gitlab An issue was identified in GitLab CE/EE affecting all versions from 1.0 prior to 15.8.5, 15.9 prior to 15.9.4, and 15.10 prior to 15.10.1 where non-printable characters gets copied from clipboard, allowing unexpected commands to be executed on victim machine. | 9.8 |
| 2023-04-05 | CVE-2022-3375 | Unspecified vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions starting from 11.10 before 15.8.5, all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1. | 3.7 |
| 2023-04-05 | CVE-2022-3513 | Cross-site Scripting vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions starting from 12.8 before 15.8.5, all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1. | 6.1 |
| 2023-04-05 | CVE-2023-1098 | Unspecified vulnerability in Gitlab An information disclosure vulnerability has been discovered in GitLab EE/CE affecting all versions starting from 11.5 before 15.8.5, all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1 will allow an admin to leak password from repository mirror configuration. | 4.9 |
| 2023-04-05 | CVE-2023-1733 | Unspecified vulnerability in Gitlab A denial of service condition exists in the Prometheus server bundled with GitLab affecting all versions from 11.10 to 15.8.5, 15.9 to 15.9.4 and 15.10 to 15.10.1. | 7.5 |