Vulnerabilities > Gitlab
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-05-23 | CVE-2023-6502 | Unspecified vulnerability in Gitlab A Denial of Service (DoS) condition has been discovered in GitLab CE/EE affecting all versions before 16.10.6, version 16.11 before 16.11.3, and 17.0 before 17.0.1. | 6.5 |
| 2024-05-23 | CVE-2023-7045 | Cross-Site Request Forgery (CSRF) vulnerability in Gitlab A CSRF vulnerability exists within GitLab CE/EE from versions 13.11 before 16.10.6, from 16.11 before 16.11.3, from 17.0 before 17.0.1. | 6.1 |
| 2024-05-23 | CVE-2024-1947 | Unspecified vulnerability in Gitlab A denial of service (DoS) condition was discovered in GitLab CE/EE affecting all versions from 13.2.4 before 16.10.6, 16.11 before 16.11.3, and 17.0 before 17.0.1. | 6.5 |
| 2024-05-23 | CVE-2024-5258 | Incorrect Authorization vulnerability in Gitlab An authorization vulnerability exists within GitLab from versions 16.10 before 16.10.6, 16.11 before 16.11.3, and 17.0 before 17.0.1 where an authenticated attacker could utilize a crafted naming convention to bypass pipeline authorization logic. | 4.3 |
| 2024-05-23 | CVE-2024-2874 | Allocation of Resources Without Limits or Throttling vulnerability in Gitlab An issue has been discovered in GitLab CE/EE affecting all versions before 16.10.6, version 16.11 before 16.11.3, and 17.0 before 17.0.1. | 6.5 |
| 2024-05-23 | CVE-2024-4835 | Cross-site Scripting vulnerability in Gitlab A XSS condition exists within GitLab in versions 15.11 before 16.10.6, 16.11 before 16.11.3, and 17.0 before 17.0.1. | 8.2 |
| 2024-05-14 | CVE-2024-4539 | Allocation of Resources Without Limits or Throttling vulnerability in Gitlab An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 prior to 16.9.7, starting from 16.10 prior to 16.10.5, and starting from 16.11 prior to 16.11.2 where abusing the API to filter branch and tags could lead to Denial of Service. | 6.5 |
| 2024-05-14 | CVE-2024-4597 | Cross-Site Request Forgery (CSRF) vulnerability in Gitlab An issue has been discovered in GitLab EE affecting all versions from 16.7 before 16.9.7, all versions starting from 16.10 before 16.10.5, all versions starting from 16.11 before 16.11.2. | 6.5 |
| 2024-05-14 | CVE-2024-2651 | Unspecified vulnerability in Gitlab An issue has been discovered in GitLab CE/EE affecting all versions before 16.9.7, all versions starting from 16.10 before 16.10.5, all versions starting from 16.11 before 16.11.2. | 6.5 |
| 2024-05-14 | CVE-2024-2454 | Allocation of Resources Without Limits or Throttling vulnerability in Gitlab An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.11 prior to 16.9.7, starting from 16.10 prior to 16.10.5, and starting from 16.11 prior to 16.11.2. | 6.5 |