Vulnerabilities > Gitlab
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-06-27 | CVE-2024-6323 | Incorrect Authorization vulnerability in Gitlab Improper authorization in global search in GitLab EE affecting all versions from 16.11 prior to 16.11.5 and 17.0 prior to 17.0.3 and 17.1 prior to 17.1.1 allows an attacker leak content of a private repository in a public project. | 7.5 |
2024-06-14 | CVE-2024-5469 | Improper Check for Unusual or Exceptional Conditions vulnerability in Gitlab DoS in KAS in GitLab CE/EE affecting all versions from 16.10.0 prior to 16.10.6 and 16.11.0 prior to 16.11.3 allows an attacker to crash KAS via crafted gRPC requests. | 4.3 |
2024-06-12 | CVE-2024-1495 | Unspecified vulnerability in Gitlab An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.1 prior to 16.10.7, starting from 16.11 prior to 16.11.4, and starting from 17.0 prior to 17.0.2. | 6.5 |
2024-06-12 | CVE-2024-1736 | Unspecified vulnerability in Gitlab An issue has been discovered in GitLab CE/EE affecting all versions prior to 16.10.7, starting from 16.11 prior to 16.11.4, and starting from 17.0 prior to 17.0.2. | 6.5 |
2024-06-12 | CVE-2024-1963 | Unspecified vulnerability in Gitlab An issue has been discovered in GitLab CE/EE affecting all versions starting from 8.4 prior to 16.10.7, starting from 16.11 prior to 16.11.4, and starting from 17.0 prior to 17.0.2. | 6.5 |
2024-06-12 | CVE-2024-4201 | Cross-site Scripting vulnerability in Gitlab A cross-site scripting issue has been discovered in GitLab affecting all versions starting from 5.1 before 16.10.7, all versions starting from 16.11 before 16.111.4, all versions starting from 17.0 before 17.0.2. | 4.4 |
2024-05-24 | CVE-2024-5318 | Missing Authorization vulnerability in Gitlab An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.11 prior to 16.10.6, starting from 16.11 prior to 16.11.3, and starting from 17.0 prior to 17.0.1. | 5.3 |
2024-05-23 | CVE-2023-6502 | Unspecified vulnerability in Gitlab A Denial of Service (DoS) condition has been discovered in GitLab CE/EE affecting all versions before 16.10.6, version 16.11 before 16.11.3, and 17.0 before 17.0.1. | 6.5 |
2024-05-23 | CVE-2023-7045 | Cross-Site Request Forgery (CSRF) vulnerability in Gitlab A CSRF vulnerability exists within GitLab CE/EE from versions 13.11 before 16.10.6, from 16.11 before 16.11.3, from 17.0 before 17.0.1. | 6.1 |
2024-05-23 | CVE-2024-1947 | Unspecified vulnerability in Gitlab A denial of service (DoS) condition was discovered in GitLab CE/EE affecting all versions from 13.2.4 before 16.10.6, 16.11 before 16.11.3, and 17.0 before 17.0.1. | 6.5 |