Vulnerabilities > Gitlab > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-06-12 CVE-2024-1495 Unspecified vulnerability in Gitlab
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.1 prior to 16.10.7, starting from 16.11 prior to 16.11.4, and starting from 17.0 prior to 17.0.2.
network
low complexity
gitlab
6.5
2024-06-12 CVE-2024-1736 Unspecified vulnerability in Gitlab
An issue has been discovered in GitLab CE/EE affecting all versions prior to 16.10.7, starting from 16.11 prior to 16.11.4, and starting from 17.0 prior to 17.0.2.
network
low complexity
gitlab
6.5
2024-06-12 CVE-2024-1963 Unspecified vulnerability in Gitlab
An issue has been discovered in GitLab CE/EE affecting all versions starting from 8.4 prior to 16.10.7, starting from 16.11 prior to 16.11.4, and starting from 17.0 prior to 17.0.2.
network
low complexity
gitlab
6.5
2024-06-12 CVE-2024-4201 Cross-site Scripting vulnerability in Gitlab
A cross-site scripting issue has been discovered in GitLab affecting all versions starting from 5.1 before 16.10.7, all versions starting from 16.11 before 16.111.4, all versions starting from 17.0 before 17.0.2.
network
high complexity
gitlab CWE-79
4.4
2024-05-24 CVE-2024-5318 Missing Authorization vulnerability in Gitlab
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.11 prior to 16.10.6, starting from 16.11 prior to 16.11.3, and starting from 17.0 prior to 17.0.1.
network
low complexity
gitlab CWE-862
5.3
2024-05-23 CVE-2023-6502 Unspecified vulnerability in Gitlab
A Denial of Service (DoS) condition has been discovered in GitLab CE/EE affecting all versions before 16.10.6, version 16.11 before 16.11.3, and 17.0 before 17.0.1.
network
low complexity
gitlab
6.5
2024-05-23 CVE-2023-7045 Cross-Site Request Forgery (CSRF) vulnerability in Gitlab
A CSRF vulnerability exists within GitLab CE/EE from versions 13.11 before 16.10.6, from 16.11 before 16.11.3, from 17.0 before 17.0.1.
network
low complexity
gitlab CWE-352
6.1
2024-05-23 CVE-2024-1947 Unspecified vulnerability in Gitlab
A denial of service (DoS) condition was discovered in GitLab CE/EE affecting all versions from 13.2.4 before 16.10.6, 16.11 before 16.11.3, and 17.0 before 17.0.1.
network
low complexity
gitlab
6.5
2024-05-23 CVE-2024-5258 Incorrect Authorization vulnerability in Gitlab
An authorization vulnerability exists within GitLab from versions 16.10 before 16.10.6, 16.11 before 16.11.3, and 17.0 before 17.0.1 where an authenticated attacker could utilize a crafted naming convention to bypass pipeline authorization logic.
network
low complexity
gitlab CWE-863
4.3
2024-05-23 CVE-2024-2874 Allocation of Resources Without Limits or Throttling vulnerability in Gitlab
An issue has been discovered in GitLab CE/EE affecting all versions before 16.10.6, version 16.11 before 16.11.3, and 17.0 before 17.0.1.
network
low complexity
gitlab CWE-770
6.5