Vulnerabilities > Gitlab

DATE CVE VULNERABILITY TITLE RISK
2022-04-01 CVE-2022-0425 Server-Side Request Forgery (SSRF) vulnerability in Gitlab
A DNS rebinding vulnerability in the Irker IRC Gateway integration in all versions of GitLab CE/EE since version 7.9 allows an attacker to trigger Server Side Request Forgery (SSRF) attacks.
network
low complexity
gitlab CWE-918
7.6
7.6
2022-04-01 CVE-2022-0489 Resource Exhaustion vulnerability in Gitlab
An issue has been discovered in GitLab CE/EE affecting all versions starting with 8.15 .
network
low complexity
gitlab CWE-400
5.7
5.7
2022-04-01 CVE-2022-0741 Improper Encoding or Escaping of Output vulnerability in Gitlab
Improper input validation in all versions of GitLab CE/EE using sendmail to send emails allowed an attacker to steal environment variables via specially crafted email addresses.
network
low complexity
gitlab CWE-116
7.5
7.5
2022-03-28 CVE-2021-39876 Incorrect Authorization vulnerability in Gitlab
In all versions of GitLab CE/EE since version 11.3, the endpoint for auto-completing Assignee discloses the members of private groups.
network
low complexity
gitlab CWE-863
4.3
4.3
2022-03-28 CVE-2021-4191 Unspecified vulnerability in Gitlab
An issue has been discovered in GitLab CE/EE affecting versions 13.0 to 14.6.5, 14.7 to 14.7.4, and 14.8 to 14.8.2.
network
low complexity
gitlab
5.3
5.3
2022-03-28 CVE-2022-0123 Improper Certificate Validation vulnerability in Gitlab
An issue has been discovered affecting GitLab versions prior to 14.4.5, between 14.5.0 and 14.5.3, and between 14.6.0 and 14.6.1.
network
high complexity
gitlab CWE-295
6.8
6.8
2022-03-28 CVE-2022-0136 Server-Side Request Forgery (SSRF) vulnerability in Gitlab
A vulnerability was discovered in GitLab versions 10.5 to 14.5.4, 14.6 to 14.6.4, and 14.7 to 14.7.1.
network
low complexity
gitlab CWE-918
8.1
8.1
2022-03-28 CVE-2022-0249 Server-Side Request Forgery (SSRF) vulnerability in Gitlab
A vulnerability was discovered in GitLab starting with version 12.
network
low complexity
gitlab CWE-918
critical
 9.1
9.1
2022-03-28 CVE-2022-0283 Open Redirect vulnerability in Gitlab
An issue has been discovered affecting GitLab versions prior to 13.5.
network
low complexity
gitlab CWE-601
6.1
6.1
2022-03-28 CVE-2022-0344 Unspecified vulnerability in Gitlab
An issue has been discovered in GitLab affecting all versions starting from 10.0 before 14.5.4, all versions starting from 10.1 before 14.6.4, all versions starting from 10.2 before 14.7.1.
network
low complexity
gitlab
4.3
4.3