Vulnerabilities > Gitlab > Gitlab > 15.3.2

| Date | CVE | Vulnerability title | Description | Attack vector | Complexity | Vendor | CWE | Risk |
|---|---|---|---|---|---|---|---|---|
| 2023-01-26 | CVE-2022-3740 | Unspecified vulnerability in Gitlab | An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.9 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2. | network | low | gitlab | | 4.9 |
| 2023-01-12 | CVE-2022-4037 | Race Condition vulnerability in Gitlab | An issue has been discovered in GitLab CE/EE affecting all versions before 15.5.7, all versions starting from 15.6 before 15.6.4, all versions starting from 15.7 before 15.7.2. | network | high | gitlab | CWE-362 | 8.5 |
| 2023-01-12 | CVE-2022-4365 | Unspecified vulnerability in Gitlab | An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.8 before 15.5.7, all versions starting from 15.6 before 15.6.4, all versions starting from 15.7 before 15.7.2. | network | low | gitlab | | 4.3 |
| 2023-01-12 | CVE-2023-0042 | Open Redirect vulnerability in Gitlab | An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.4 prior to 15.5.7, 15.6 prior to 15.6.4, and 15.7 prior to 15.7.2. | network | low | gitlab | CWE-601 | 6.1 |
| 2022-11-10 | CVE-2022-3413 | Authorization Bypass Through User-Controlled Key vulnerability in Gitlab | Incorrect authorization during display of Audit Events in GitLab EE affecting all versions from 14.5 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2, allowed Developers to view the project's Audit Events and Developers or Maintainers to view the group's Audit Events. | network | low | gitlab | CWE-639 | 4.3 |
| 2022-11-10 | CVE-2022-3819 | Incorrect Authorization vulnerability in Gitlab | An improper authorization issue in GitLab CE/EE affecting all versions from 15.0 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows a malicious user to set emojis on internal notes they don't have access to. | network | low | gitlab | CWE-863 | 4.3 |
| 2022-10-28 | CVE-2022-3018 | Information Exposure Through Log Files vulnerability in Gitlab | An information disclosure vulnerability in GitLab CE/EE affecting all versions starting from 9.3 before 15.2.5, all versions starting from 15.3 before 15.3.4, all versions starting from 15.4 before 15.4.1 allows a project maintainer to access the DataDog integration API key from webhook logs. | network | low | gitlab | CWE-532 | 4.9 |
| 2022-10-17 | CVE-2022-3325 | Unspecified vulnerability in Gitlab | Improper access control in the GitLab CE/EE API affecting all versions starting from 12.8 before 15.2.5, all versions starting from 15.3 before 15.3.4, all versions starting from 15.4 before 15.4.1. | network | low | gitlab | | 4.3 |
| 2022-10-17 | CVE-2022-3330 | Unspecified vulnerability in Gitlab | It was possible for a guest user to read a todo targeting an inaccessible note in GitLab CE/EE affecting all versions from 15.0 prior to 15.2.5, 15.3 prior to 15.3.4, and 15.4 prior to 15.4.1. | network | low | gitlab | | 4.3 |
| 2022-10-17 | CVE-2022-3351 | Unspecified vulnerability in Gitlab | An issue has been discovered in GitLab EE affecting all versions starting from 13.7 before 15.2.5, all versions starting from 15.3 before 15.3.4, all versions starting from 15.4 before 15.4.1. | network | low | gitlab | | 4.3 |