Vulnerabilities > Gitlab
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-04-15 | CVE-2018-17451 | Cross-Site Request Forgery (CSRF) vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. | 8.8 |
2023-04-15 | CVE-2018-17452 | Server-Side Request Forgery (SSRF) vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. | 9.8 |
2023-04-15 | CVE-2018-17453 | Unspecified vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. | 5.3 |
2023-04-15 | CVE-2018-17454 | Cross-site Scripting vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. | 5.4 |
2023-04-15 | CVE-2018-17455 | Authorization Bypass Through User-Controlled Key vulnerability in Gitlab An issue was discovered in GitLab Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. | 7.5 |
2023-04-15 | CVE-2018-17536 | Cross-site Scripting vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. | 5.4 |
2023-03-09 | CVE-2022-3758 | Incorrect Default Permissions vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions starting from 15.5 before 15.7.8, all versions starting from 15.8 before 15.8.4, all versions starting from 15.9 before 15.9.2. | 5.4 |
2023-03-09 | CVE-2022-3767 | Unspecified vulnerability in Gitlab Dynamic Application Security Testing Analyzer Missing validation in DAST analyzer affecting all versions from 1.11.0 prior to 3.0.32, allows custom request headers to be sent with every request, regardless of the host. | 6.5 |
2023-03-09 | CVE-2022-4331 | Unspecified vulnerability in Gitlab An issue has been discovered in GitLab EE affecting all versions starting from 15.1 before 15.7.8, all versions starting from 15.8 before 15.8.4, all versions starting from 15.9 before 15.9.2. | 7.3 |
2023-03-09 | CVE-2023-0050 | Cross-site Scripting vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions starting from 13.7 before 15.7.8, all versions starting from 15.8 before 15.8.4, all versions starting from 15.9 before 15.9.2. | 5.4 |