Vulnerabilities > Gitpod

DATE CVE VULNERABILITY TITLE RISK
2023-06-05 CVE-2023-32766 Cross-site Scripting vulnerability in Gitpod
Gitpod before 2022.11.3 allows XSS because redirection can occur for some protocols outside of the trusted set of three (vscode: vscode-insiders: jetbrains-gateway:).
network
low complexity
gitpod CWE-79
6.1
2023-03-03 CVE-2023-0957 Origin Validation Error vulnerability in Gitpod
An issue was discovered in Gitpod versions prior to release-2022.11.2.16.
network
low complexity
gitpod CWE-346
critical
9.6
2021-06-22 CVE-2021-35206 Open Redirect vulnerability in Gitpod
Gitpod before 0.6.0 allows unvalidated redirects.
network
gitpod CWE-601
5.8