Vulnerabilities > Gitlab > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-04-01 CVE-2022-0390 Missing Authorization vulnerability in Gitlab
Improper access control in Gitlab CE/EE versions 12.7 to 14.5.4, 14.6 to 14.6.4, and 14.7 to 14.7.1 allowed for project non-members to retrieve issue details when it was linked to an item from the vulnerability dashboard.
network
low complexity
gitlab CWE-862
4.3
4.3
2022-04-01 CVE-2022-0489 Resource Exhaustion vulnerability in Gitlab
An issue has been discovered in GitLab CE/EE affecting all versions starting with 8.15 .
network
low complexity
gitlab CWE-400
5.7
5.7
2022-03-28 CVE-2021-39876 Incorrect Authorization vulnerability in Gitlab
In all versions of GitLab CE/EE since version 11.3, the endpoint for auto-completing Assignee discloses the members of private groups.
network
low complexity
gitlab CWE-863
4.3
4.3
2022-03-28 CVE-2021-4191 Unspecified vulnerability in Gitlab
An issue has been discovered in GitLab CE/EE affecting versions 13.0 to 14.6.5, 14.7 to 14.7.4, and 14.8 to 14.8.2.
network
low complexity
gitlab
5.3
5.3
2022-03-28 CVE-2022-0123 Improper Certificate Validation vulnerability in Gitlab
An issue has been discovered affecting GitLab versions prior to 14.4.5, between 14.5.0 and 14.5.3, and between 14.6.0 and 14.6.1.
network
high complexity
gitlab CWE-295
6.8
6.8
2022-03-28 CVE-2022-0283 Open Redirect vulnerability in Gitlab
An issue has been discovered affecting GitLab versions prior to 13.5.
network
low complexity
gitlab CWE-601
6.1
6.1
2022-03-28 CVE-2022-0344 Unspecified vulnerability in Gitlab
An issue has been discovered in GitLab affecting all versions starting from 10.0 before 14.5.4, all versions starting from 10.1 before 14.6.4, all versions starting from 10.2 before 14.7.1.
network
low complexity
gitlab
4.3
4.3
2022-03-28 CVE-2022-0371 Unspecified vulnerability in Gitlab
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.4 before 14.5.4, all versions starting from 14.6 before 14.6.4, all versions starting from 14.7 before 14.7.1.
network
low complexity
gitlab
4.3
4.3
2022-03-28 CVE-2022-0488 Resource Exhaustion vulnerability in Gitlab
An issue has been discovered in GitLab CE/EE affecting all versions starting with version 8.10.
network
low complexity
gitlab CWE-400
4.3
4.3
2022-03-28 CVE-2022-0549 Unspecified vulnerability in Gitlab
An issue has been discovered in GitLab CE/EE affecting all versions before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2.
network
low complexity
gitlab
6.5
6.5