Vulnerabilities > Gitlab > Gitlab > 12.9.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-11-06 | CVE-2023-3246 | Resource Exhaustion vulnerability in Gitlab An issue has been discovered in GitLab EE/CE affecting all versions starting before 16.3.6, all versions starting from 16.4 before 16.4.2, all versions starting from 16.5 before 16.5.1 which allows an attackers to block Sidekiq job processor. | 4.3 |
2023-11-06 | CVE-2023-3399 | Unspecified vulnerability in Gitlab An issue has been discovered in GitLab EE affecting all versions starting from 11.6 before 16.3.6, all versions starting from 16.4 before 16.4.2, all versions starting from 16.5 before 16.5.1. | 7.7 |
2023-11-06 | CVE-2023-3909 | Resource Exhaustion vulnerability in Gitlab An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.3 before 16.3.6, all versions starting from 16.4 before 16.4.2, all versions starting from 16.5 before 16.5.1. | 6.5 |
2023-09-29 | CVE-2023-3922 | Injection vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions starting from 8.15 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. | 7.1 |
2023-09-29 | CVE-2023-5198 | Unspecified vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions prior to 16.2.7, all versions starting from 16.3 before 16.3.5, and all versions starting from 16.4 before 16.4.1. | 4.3 |
2023-09-29 | CVE-2023-2233 | Unspecified vulnerability in Gitlab An improper authorization issue has been discovered in GitLab CE/EE affecting all versions starting from 11.8 before 16.2.8, all versions starting from 16.3 before 16.3.5 and all versions starting from 16.4 before 16.4.1. | 4.3 |
2023-09-29 | CVE-2023-3115 | Unspecified vulnerability in Gitlab An issue has been discovered in GitLab EE affecting all versions affecting all versions from 11.11 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1. | 4.3 |
2023-09-29 | CVE-2023-3906 | Unspecified vulnerability in Gitlab An input validation issue in the asset proxy in GitLab EE, affecting all versions from 12.3 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1, allowed an authenticated attacker to craft image urls which bypass the asset proxy. | 3.5 |
2023-09-29 | CVE-2023-3914 | Unspecified vulnerability in Gitlab A business logic error in GitLab EE affecting all versions prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1 allows access to internal projects. | 5.3 |
2023-09-29 | CVE-2023-3917 | Unspecified vulnerability in Gitlab Denial of Service in pipelines affecting all versions of Gitlab EE and CE prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1 allows attacker to cause pipelines to fail. | 7.5 |