Vulnerabilities > Gitlab > Gitlab > 15.6.0

DATE CVE VULNERABILITY TITLE RISK
2023-01-27 CVE-2022-4335 Server-Side Request Forgery (SSRF) vulnerability in Gitlab
A blind SSRF vulnerability was identified in all versions of GitLab EE prior to 15.4.6, 15.5 prior to 15.5.5, and 15.6 prior to 15.6.1 which allows an attacker to connect to a local host.
network
low complexity
gitlab CWE-918
4.3
4.3
2023-01-26 CVE-2022-4054 Unspecified vulnerability in Gitlab
An issue has been discovered in GitLab affecting all versions starting from 9.3 before 15.4.6, all versions starting from 15.5 before 15.5.5, all versions starting from 15.6 before 15.6.1.
network
low complexity
gitlab
5.5
5.5
2023-01-26 CVE-2022-4092 Cross-site Scripting vulnerability in Gitlab 15.6.0
An issue has been discovered in GitLab EE affecting all versions starting from 15.6 before 15.6.1.
network
low complexity
gitlab CWE-79
8.0
8.0
2023-01-26 CVE-2022-3902 Unspecified vulnerability in Gitlab
An issue has been discovered in GitLab affecting all versions starting from 9.3 before 15.4.6, all versions starting from 15.5 before 15.5.5, all versions starting from 15.6 before 15.6.1.
network
low complexity
gitlab
6.4
6.4
2023-01-26 CVE-2022-3478 Unrestricted Upload of File with Dangerous Type vulnerability in Gitlab
An issue has been discovered in GitLab affecting all versions starting from 12.8 before 15.4.6, all versions starting from 15.5 before 15.5.5, all versions starting from 15.6 before 15.6.1.
network
low complexity
gitlab CWE-434
4.3
4.3
2023-01-26 CVE-2022-3482 Missing Authorization vulnerability in Gitlab
An improper access control issue in GitLab CE/EE affecting all versions from 11.3 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allowed an unauthorized user to see release names even when releases we set to be restricted to project members only
network
low complexity
gitlab CWE-862
5.3
5.3
2023-01-26 CVE-2022-3572 Cross-site Scripting vulnerability in Gitlab
A cross-site scripting issue has been discovered in GitLab CE/EE affecting all versions from 13.5 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2.
network
low complexity
gitlab CWE-79
6.1
6.1
2023-01-26 CVE-2022-3740 Unspecified vulnerability in Gitlab
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.9 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2.
network
low complexity
gitlab
4.9
4.9
2023-01-26 CVE-2022-3820 Unspecified vulnerability in Gitlab
An issue has been discovered in GitLab affecting all versions starting from 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2.
network
low complexity
gitlab
6.5
6.5
2023-01-12 CVE-2022-3514 Unspecified vulnerability in Gitlab
An issue has been discovered in GitLab CE/EE affecting all versions starting from 6.6 before 15.5.7, all versions starting from 15.6 before 15.6.4, all versions starting from 15.7 before 15.7.2.
network
low complexity
gitlab
5.3
5.3