Vulnerabilities > Gitlab > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-05-14 CVE-2024-4539 Allocation of Resources Without Limits or Throttling vulnerability in Gitlab
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 prior to 16.9.7, starting from 16.10 prior to 16.10.5, and starting from 16.11 prior to 16.11.2 where abusing the API to filter branch and tags could lead to Denial of Service.
network
low complexity
gitlab CWE-770
6.5
2024-05-14 CVE-2024-4597 Cross-Site Request Forgery (CSRF) vulnerability in Gitlab
An issue has been discovered in GitLab EE affecting all versions from 16.7 before 16.9.7, all versions starting from 16.10 before 16.10.5, all versions starting from 16.11 before 16.11.2.
network
low complexity
gitlab CWE-352
6.5
2024-05-14 CVE-2024-2651 Unspecified vulnerability in Gitlab
An issue has been discovered in GitLab CE/EE affecting all versions before 16.9.7, all versions starting from 16.10 before 16.10.5, all versions starting from 16.11 before 16.11.2.
network
low complexity
gitlab
6.5
2024-05-14 CVE-2024-2454 Allocation of Resources Without Limits or Throttling vulnerability in Gitlab
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.11 prior to 16.9.7, starting from 16.10 prior to 16.10.5, and starting from 16.11 prior to 16.11.2.
network
low complexity
gitlab CWE-770
6.5
2024-05-14 CVE-2023-6682 Unspecified vulnerability in Gitlab
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.9 prior to 16.9.7, starting from 16.10 prior to 16.10.5, and starting from 16.11 prior to 16.11.2.
network
low complexity
gitlab
6.5
2024-05-14 CVE-2023-6688 Unspecified vulnerability in Gitlab 16.11.0/16.11.1
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.11 prior to 16.11.2.
network
low complexity
gitlab
6.5
2024-04-25 CVE-2024-4006 Incorrect Authorization vulnerability in Gitlab
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.7 before 16.9.6, all versions starting from 16.10 before 16.10.4, all versions starting from 16.11 before 16.11.1 where personal access scopes were not honored by GraphQL subscriptions
network
low complexity
gitlab CWE-863
4.3
2024-04-25 CVE-2024-1347 Unspecified vulnerability in Gitlab
An issue has been discovered in GitLab CE/EE affecting all versions before 16.9.6, all versions starting from 16.10 before 16.10.4, all versions starting from 16.11 before 16.11.1.
network
low complexity
gitlab
5.3
2024-04-12 CVE-2023-6489 Unspecified vulnerability in Gitlab
A denial of service vulnerability was identified in GitLab CE/EE, versions 16.7.7 prior to 16.8.6, 16.9 prior to 16.9.4 and 16.10 prior to 16.10.2 which allows an attacker to spike the GitLab instance resources usage resulting in service degradation via chat integration feature.
network
low complexity
gitlab
6.5
2024-04-12 CVE-2023-6678 Unspecified vulnerability in Gitlab
An issue has been discovered in GitLab EE affecting all versions before 16.8.6, all versions starting from 16.9 before 16.9.4, all versions starting from 16.10 before 16.10.2.
network
low complexity
gitlab
6.5