Vulnerabilities > Gitlab

DATE CVE VULNERABILITY TITLE RISK
2022-03-28 CVE-2021-4191 Unspecified vulnerability in Gitlab
An issue has been discovered in GitLab CE/EE affecting versions 13.0 to 14.6.5, 14.7 to 14.7.4, and 14.8 to 14.8.2.
network
low complexity
gitlab
5.3
5.3
2022-03-28 CVE-2022-0123 Improper Certificate Validation vulnerability in Gitlab
An issue has been discovered affecting GitLab versions prior to 14.4.5, between 14.5.0 and 14.5.3, and between 14.6.0 and 14.6.1.
network
high complexity
gitlab CWE-295
6.8
6.8
2022-03-28 CVE-2022-0136 Server-Side Request Forgery (SSRF) vulnerability in Gitlab
A vulnerability was discovered in GitLab versions 10.5 to 14.5.4, 14.6 to 14.6.4, and 14.7 to 14.7.1.
network
low complexity
gitlab CWE-918
8.1
8.1
2022-03-28 CVE-2022-0249 Server-Side Request Forgery (SSRF) vulnerability in Gitlab
A vulnerability was discovered in GitLab starting with version 12.
network
low complexity
gitlab CWE-918
critical
 9.1
9.1
2022-03-28 CVE-2022-0283 Open Redirect vulnerability in Gitlab
An issue has been discovered affecting GitLab versions prior to 13.5.
network
low complexity
gitlab CWE-601
6.1
6.1
2022-03-28 CVE-2022-0344 Unspecified vulnerability in Gitlab
An issue has been discovered in GitLab affecting all versions starting from 10.0 before 14.5.4, all versions starting from 10.1 before 14.6.4, all versions starting from 10.2 before 14.7.1.
network
low complexity
gitlab
4.3
4.3
2022-03-28 CVE-2022-0371 Unspecified vulnerability in Gitlab
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.4 before 14.5.4, all versions starting from 14.6 before 14.6.4, all versions starting from 14.7 before 14.7.1.
network
low complexity
gitlab
4.3
4.3
2022-03-28 CVE-2022-0427 Cross-Site Request Forgery (CSRF) vulnerability in Gitlab
Missing sanitization of HTML attributes in Jupyter notebooks in all versions of GitLab CE/EE since version 14.5 allows an attacker to perform arbitrary HTTP POST requests on a user's behalf leading to potential account takeover
network
low complexity
gitlab CWE-352
8.8
8.8
2022-03-28 CVE-2022-0488 Resource Exhaustion vulnerability in Gitlab
An issue has been discovered in GitLab CE/EE affecting all versions starting with version 8.10.
network
low complexity
gitlab CWE-400
4.3
4.3
2022-03-28 CVE-2022-0549 Unspecified vulnerability in Gitlab
An issue has been discovered in GitLab CE/EE affecting all versions before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2.
network
low complexity
gitlab
6.5
6.5