Vulnerabilities > Gitlab > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-05 | CVE-2023-1787 | Unspecified vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1. | 5.3 |
| 2023-04-05 | CVE-2022-3513 | Cross-site Scripting vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions starting from 12.8 before 15.8.5, all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1. | 6.1 |
| 2023-04-05 | CVE-2023-0319 | Incorrect Authorization vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions starting from 13.6 before 15.8.5, all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1, allowing to read environment names supposed to be restricted to project memebers only. | 5.3 |
| 2023-04-05 | CVE-2023-0523 | Cross-site Scripting vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions starting from 15.6 before 15.8.5, 15.9 before 15.9.4, and 15.10 before 15.10.1. | 6.1 |
| 2023-04-05 | CVE-2023-1098 | Unspecified vulnerability in Gitlab An information disclosure vulnerability has been discovered in GitLab EE/CE affecting all versions starting from 11.5 before 15.8.5, all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1 will allow an admin to leak password from repository mirror configuration. | 4.9 |
| 2023-03-27 | CVE-2023-0326 | Unspecified vulnerability in Gitlab Dynamic Application Security Testing Analyzer An issue has been discovered in GitLab DAST API scanner affecting all versions starting from 1.6.50 before 2.11.0, where Authorization headers was leaked in vulnerability report evidence. | 4.3 |
| 2023-03-09 | CVE-2022-3758 | Incorrect Default Permissions vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions starting from 15.5 before 15.7.8, all versions starting from 15.8 before 15.8.4, all versions starting from 15.9 before 15.9.2. | 5.4 |
| 2023-03-09 | CVE-2022-3767 | Unspecified vulnerability in Gitlab Dynamic Application Security Testing Analyzer Missing validation in DAST analyzer affecting all versions from 1.11.0 prior to 3.0.32, allows custom request headers to be sent with every request, regardless of the host. | 6.5 |
| 2023-03-09 | CVE-2023-0050 | Cross-site Scripting vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions starting from 13.7 before 15.7.8, all versions starting from 15.8 before 15.8.4, all versions starting from 15.9 before 15.9.2. | 5.4 |
| 2023-03-09 | CVE-2023-1072 | Resource Exhaustion vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions starting from 9.0 before 15.7.8, all versions starting from 15.8 before 15.8.4, all versions starting from 15.9 before 15.9.2. | 5.3 |