Vulnerabilities > Gitlab > Gitlab > 14.5.0

DATE CVE VULNERABILITY TITLE RISK
2022-01-18 CVE-2021-39946 Cross-site Scripting vulnerability in Gitlab
Improper neutralization of user input in GitLab CE/EE versions 14.3 to 14.3.6, 14.4 to 14.4.4, and 14.5 to 14.5.2 allowed an attacker to exploit XSS by abusing the generation of the HTML code related to emojis
network
gitlab CWE-79
3.5
3.5
2022-01-18 CVE-2022-0090 Improper Privilege Management vulnerability in Gitlab
An issue has been discovered affecting GitLab versions prior to 14.4.5, between 14.5.0 and 14.5.3, and between 14.6.0 and 14.6.1.
network
low complexity
gitlab CWE-269
5.0
5.0
2022-01-18 CVE-2022-0093 Unspecified vulnerability in Gitlab
An issue has been discovered affecting GitLab versions prior to 14.4.5, between 14.5.0 and 14.5.3, and between 14.6.0 and 14.6.1.
network
low complexity
gitlab
4.3
4.3
2022-01-18 CVE-2022-0124 Improper Encoding or Escaping of Output vulnerability in Gitlab
An issue has been discovered affecting GitLab versions prior to 14.4.5, between 14.5.0 and 14.5.3, and between 14.6.0 and 14.6.1.
network
low complexity
gitlab CWE-116
4.3
4.3
2022-01-18 CVE-2022-0125 Missing Authorization vulnerability in Gitlab
An issue has been discovered in GitLab affecting all versions starting from 12.0 before 14.4.5, all versions starting from 14.5.0 before 14.5.3, all versions starting from 14.6.0 before 14.6.2.
network
low complexity
gitlab CWE-862
4.3
4.3
2022-01-18 CVE-2022-0151 Unspecified vulnerability in Gitlab
An issue has been discovered in GitLab affecting all versions starting from 12.10 before 14.4.5, all versions starting from 14.5.0 before 14.5.3, all versions starting from 14.6.0 before 14.6.2.
network
low complexity
gitlab
5.0
5.0
2022-01-18 CVE-2022-0152 Missing Authorization vulnerability in Gitlab
An issue has been discovered in GitLab affecting all versions starting from 13.10 before 14.4.5, all versions starting from 14.5.0 before 14.5.3, all versions starting from 14.6.0 before 14.6.2.
network
low complexity
gitlab CWE-862
4.0
4.0
2022-01-18 CVE-2022-0154 Cross-Site Request Forgery (CSRF) vulnerability in Gitlab
An issue has been discovered in GitLab affecting all versions starting from 7.7 before 14.4.5, all versions starting from 14.5.0 before 14.5.3, all versions starting from 14.6.0 before 14.6.2.
network
gitlab CWE-352
6.0
6.0
2022-01-18 CVE-2022-0172 Unspecified vulnerability in Gitlab
An issue has been discovered in GitLab CE/EE affecting all versions starting with 12.3.
network
low complexity
gitlab
6.5
6.5
2022-01-18 CVE-2022-0244 Files or Directories Accessible to External Parties vulnerability in Gitlab
An issue has been discovered in GitLab CE/EE affecting all versions starting with 14.5.
network
low complexity
gitlab CWE-552
5.0
5.0