Vulnerabilities > Gitlab > Gitlab > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-09 | CVE-2023-4379 | Unspecified vulnerability in Gitlab An issue has been discovered in GitLab EE affecting all versions starting from 15.3 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1. | 7.5 |
| 2023-11-06 | CVE-2023-3399 | Unspecified vulnerability in Gitlab An issue has been discovered in GitLab EE affecting all versions starting from 11.6 before 16.3.6, all versions starting from 16.4 before 16.4.2, all versions starting from 16.5 before 16.5.1. | 7.7 |
| 2023-10-02 | CVE-2023-5106 | Unspecified vulnerability in Gitlab An issue has been discovered in Ultimate-licensed GitLab EE affecting all versions starting 13.12 prior to 16.2.8, 16.3.0 prior to 16.3.5, and 16.4.0 prior to 16.4.1 that could allow an attacker to impersonate users in CI pipelines through direct transfer group imports. | 7.5 |
| 2023-09-30 | CVE-2023-5207 | Unspecified vulnerability in Gitlab A vulnerability was discovered in GitLab CE and EE affecting all versions starting 16.0 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1. | 8.8 |
| 2023-09-29 | CVE-2023-3413 | Unspecified vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions starting from 16.2 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. | 7.5 |
| 2023-09-29 | CVE-2023-3922 | Injection vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions starting from 8.15 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. | 7.1 |
| 2023-09-29 | CVE-2023-3917 | Unspecified vulnerability in Gitlab Denial of Service in pipelines affecting all versions of Gitlab EE and CE prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1 allows attacker to cause pipelines to fail. | 7.5 |
| 2023-09-01 | CVE-2023-3915 | Incorrect Permission Assignment for Critical Resource vulnerability in Gitlab An issue has been discovered in GitLab EE affecting all versions starting from 16.1 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1. | 7.2 |
| 2023-09-01 | CVE-2023-4647 | Resource Exhaustion vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions starting from 15.2 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1 in which the projects API pagination can be skipped, potentially leading to DoS on certain instances. | 7.5 |
| 2023-08-02 | CVE-2023-4011 | Unspecified vulnerability in Gitlab An issue has been discovered in GitLab EE affecting all versions from 15.11 prior to 16.2.2 which allows an attacker to spike the resource consumption resulting in DoS. | 7.5 |