Vulnerabilities > Gitlab > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-10-17 | CVE-2022-2884 | OS Command Injection vulnerability in Gitlab: A vulnerability in GitLab CE/EE affecting all versions from 11.3.4 prior to 15.1.5, 15.2 to 15.2.3, 15.3 to 15.3.1 allows an authenticated user to achieve remote code execution via the Import from GitHub API endpoint. | 9.9 |
2022-10-17 | CVE-2022-2992 | Injection vulnerability in Gitlab: A vulnerability in GitLab CE/EE affecting all versions from 11.10 prior to 15.1.6, 15.2 to 15.2.4, 15.3 to 15.3.2 allows an authenticated user to achieve remote code execution via the Import from GitHub API endpoint. | 9.9 |
2022-03-28 | CVE-2022-0735 | Unspecified vulnerability in Gitlab: An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.10 before 14.6.5, all versions starting from 14.7 before 14.7.4, all versions starting from 14.8 before 14.8.2. | 9.8 |
2020-10-07 | CVE-2020-13347 | Command Injection vulnerability in Gitlab: A command injection vulnerability was discovered in Gitlab runner versions prior to 13.2.4, 13.3.2 and 13.4.1. | 9.0 |
2020-09-14 | CVE-2020-13300 | Incorrect Authorization vulnerability in Gitlab 13.3.0/13.3.1/13.3.2: GitLab CE/EE version 13.3 prior to 13.3.4 was vulnerable to an OAuth authorization scope change without user consent in the middle of the authorization flow. | 10.0 |
2019-09-16 | CVE-2019-15741 | Unspecified vulnerability in Gitlab Omnibus: An issue was discovered in GitLab Omnibus 7.4 through 12.2.1. | 9.8 |