Vulnerabilities > Gitlab > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-27 | CVE-2024-5655 | Unspecified vulnerability in Gitlab An issue was discovered in GitLab CE/EE affecting all versions starting from 15.8 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows an attacker to trigger a pipeline as another user under certain circumstances. | 8.8 |
| 2024-06-27 | CVE-2024-6323 | Incorrect Authorization vulnerability in Gitlab Improper authorization in global search in GitLab EE affecting all versions from 16.11 prior to 16.11.5 and 17.0 prior to 17.0.3 and 17.1 prior to 17.1.1 allows an attacker leak content of a private repository in a public project. | 7.5 |
| 2024-05-23 | CVE-2024-4835 | Cross-site Scripting vulnerability in Gitlab A XSS condition exists within GitLab in versions 15.11 before 16.10.6, 16.11 before 16.11.3, and 17.0 before 17.0.1. | 8.2 |
| 2024-04-25 | CVE-2024-4024 | Improper Authentication vulnerability in Gitlab An issue has been discovered in GitLab CE/EE affecting all versions starting from 7.8 before 16.9.6, all versions starting from 16.10 before 16.10.4, all versions starting from 16.11 before 16.11.1. | 8.8 |
| 2024-04-25 | CVE-2024-2434 | Path Traversal vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions of GitLab CE/EE 16.9 prior to 16.9.6, 16.10 prior to 16.10.4, and 16.11 prior to 16.11.1 where path traversal could lead to DoS and restricted file read. | 8.1 |
| 2024-04-25 | CVE-2024-2829 | Unspecified vulnerability in Gitlab An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.5 before 16.9.6, all versions starting from 16.10 before 16.10.4, all versions starting from 16.11 before 16.11.1. | 7.5 |
| 2024-03-07 | CVE-2024-0199 | Incorrect Authorization vulnerability in Gitlab An authorization bypass vulnerability was discovered in GitLab affecting versions 11.3 prior to 16.7.7, 16.7.6 prior to 16.8.4, and 16.8.3 prior to 16.9.2. | 8.0 |
| 2024-03-07 | CVE-2024-1299 | Unspecified vulnerability in Gitlab A privilege escalation vulnerability was discovered in GitLab affecting versions 16.8 prior to 16.8.4 and 16.9 prior to 16.9.2. | 8.1 |
| 2024-02-22 | CVE-2024-0410 | Unspecified vulnerability in Gitlab An authorization bypass vulnerability was discovered in GitLab affecting versions 15.1 prior to 16.7.6, 16.8 prior to 16.8.3, and 16.9 prior to 16.9.1. | 7.7 |
| 2024-02-22 | CVE-2024-1451 | Cross-site Scripting vulnerability in Gitlab 16.9.0 An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.9 before 16.9.1. | 8.7 |