Vulnerabilities > Gitlab
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-15 | CVE-2018-17455 | Authorization Bypass Through User-Controlled Key vulnerability in Gitlab An issue was discovered in GitLab Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. | 7.5 |
| 2023-04-15 | CVE-2018-17536 | Cross-site Scripting vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. | 5.4 |
| 2023-04-05 | CVE-2023-0450 | Unspecified vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions starting from 8.1 to 15.8.5, and from 15.9 to 15.9.4, and from 15.10 to 15.10.1. | 4.6 |
| 2023-04-05 | CVE-2023-0838 | Unspecified vulnerability in Gitlab An issue has been discovered in GitLab affecting versions starting from 15.1 before 15.8.5, 15.9 before 15.9.4, and 15.10 before 15.10.1. | 3.8 |
| 2023-04-05 | CVE-2023-1071 | Incorrect Authorization vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions from 15.5 before 15.8.5, all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1. | 4.3 |
| 2023-04-05 | CVE-2023-1167 | Missing Authorization vulnerability in Gitlab Improper authorization in Gitlab EE affecting all versions from 12.3.0 before 15.8.5, all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1 allows an unauthorized access to security reports in MR. | 5.3 |
| 2023-04-05 | CVE-2023-1417 | Incorrect Authorization vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1. | 4.3 |
| 2023-04-05 | CVE-2023-1708 | Command Injection vulnerability in Gitlab An issue was identified in GitLab CE/EE affecting all versions from 1.0 prior to 15.8.5, 15.9 prior to 15.9.4, and 15.10 prior to 15.10.1 where non-printable characters gets copied from clipboard, allowing unexpected commands to be executed on victim machine. | 9.8 |
| 2023-04-05 | CVE-2023-1710 | Unspecified vulnerability in Gitlab A sensitive information disclosure vulnerability in GitLab affecting all versions from 15.0 prior to 15.8.5, 15.9 prior to 15.9.4 and 15.10 prior to 15.10.1 allows an attacker to view the count of internal notes for a given issue. | 5.3 |
| 2023-04-05 | CVE-2023-1787 | Unspecified vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1. | 5.3 |