Vulnerabilities > Gitlab
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-29 | CVE-2023-3115 | Unspecified vulnerability in Gitlab An issue has been discovered in GitLab EE affecting all versions affecting all versions from 11.11 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1. | 4.3 |
| 2023-09-29 | CVE-2023-3906 | Unspecified vulnerability in Gitlab An input validation issue in the asset proxy in GitLab EE, affecting all versions from 12.3 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1, allowed an authenticated attacker to craft image urls which bypass the asset proxy. | 3.5 |
| 2023-09-29 | CVE-2023-3914 | Unspecified vulnerability in Gitlab A business logic error in GitLab EE affecting all versions prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1 allows access to internal projects. | 5.3 |
| 2023-09-29 | CVE-2023-3917 | Unspecified vulnerability in Gitlab Denial of Service in pipelines affecting all versions of Gitlab EE and CE prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1 allows attacker to cause pipelines to fail. | 7.5 |
| 2023-09-29 | CVE-2023-3920 | Incorrect Authorization vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions starting from 11.2 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. | 4.3 |
| 2023-09-29 | CVE-2023-3979 | Unspecified vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions starting from 10.6 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. | 4.3 |
| 2023-09-29 | CVE-2023-4532 | Unspecified vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions starting from 16.2 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. | 4.3 |
| 2023-09-19 | CVE-2023-5009 | Unspecified vulnerability in Gitlab An issue has been discovered in GitLab EE affecting all versions starting from 13.12 before 16.2.7, all versions starting from 16.3 before 16.3.4. | 9.8 |
| 2023-09-11 | CVE-2023-4630 | Unspecified vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions starting from 10.6 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1 in which any user can read limited information about any project's imports. | 4.3 |
| 2023-09-01 | CVE-2022-4343 | Unspecified vulnerability in Gitlab An issue has been discovered in GitLab EE affecting all versions starting from 13.12 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1 in which a project member can leak credentials stored in site profile. | 4.3 |