Vulnerabilities in GitLab

1,068 results
CVE | Severity | Description | EPSS
CVE-2022-3639 | MEDIUM | A potential DOS vulnerability was discovered in GitLab CE/EE affecting all versions from 10.8 before 15.1.6, all versions starting from 15.2 | 0.8%
CVE-2021-22183 | MEDIUM | An issue has been discovered in GitLab affecting all versions starting with 11.8. GitLab was vulnerable to a stored XSS in the epics page, w | 0.8%
CVE-2022-1954 | MEDIUM | A Regular Expression Denial of Service vulnerability in GitLab CE/EE affecting all versions from 1.0.2 prior to 14.10.5, 15.0 prior to 15.0. | 0.8%
CVE-2021-39887 | HIGH | A stored Cross-Site Scripting vulnerability in the GitLab Flavored Markdown in GitLab CE/EE version 8.4 and above allowed an attacker to exe | 0.8%
CVE-2021-22247 | MEDIUM | Improper authorization in GitLab CE/EE affecting all versions since 13.0 allows guests in private projects to view CI/CD analytics | 0.8%
CVE-2026-0723 | HIGH | Unchecked Return Value in GitLab | 0.8%
CVE-2021-22169 | MEDIUM | An issue was identified in GitLab EE 13.4 or later which leaked internal IP address via error messages. | 0.8%
CVE-2022-0738 | MEDIUM | An issue has been discovered in GitLab affecting all versions starting from 14.6 before 14.6.5, all versions starting from 14.7 before 14.7. | 0.8%
CVE-2021-22250 | MEDIUM | Improper authorization in GitLab CE/EE affecting all versions since 13.3 allowed users to view and delete impersonation tokens that administ | 0.8%
CVE-2023-5356 | HIGH | Incorrect Authorization in GitLab | 0.8%
CVE-2023-0805 | MEDIUM | An issue has been discovered in GitLab EE affecting all versions starting from 15.2 before 15.9.6, all versions starting from 15.10 before 1 | 0.8%
CVE-2022-0136 | MEDIUM | A vulnerability was discovered in GitLab versions 10.5 to 14.5.4, 14.6 to 14.6.4, and 14.7 to 14.7.1. GitLab was vulnerable to a blind SSRF | 0.8%
CVE-2023-3994 | HIGH | Inefficient Regular Expression Complexity in GitLab | 0.8%
CVE-2017-0927 | - | Gitlab Community Edition version 10.3 is vulnerable to an improper authorization issue in the deployment keys component resulting in unautho | 0.8%
CVE-2022-2501 | MEDIUM | An improper access control issue in GitLab EE affecting all versions from 12.0 prior to 15.0.5, 15.1 prior to 15.1.4, and 15.2 prior to 15.2 | 0.8%
CVE-2021-22251 | MEDIUM | Improper validation of invited users' email address in GitLab EE affecting all versions since 12.2 allowed projects to add members with emai | 0.8%
CVE-2021-22253 | MEDIUM | Improper authorization in GitLab EE affecting all versions since 13.4 allowed a user who previously had the necessary access to trigger depl | 0.8%
CVE-2023-2485 | MEDIUM | Incorrect Privilege Assignment in GitLab | 0.8%
CVE-2022-1821 | MEDIUM | An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.8 before 14.9.5, all versions starting from 14.10 befor | 0.8%
CVE-2021-39904 | MEDIUM | An Improper Access Control vulnerability in the GraphQL API in all versions of GitLab CE/EE starting from 13.1 before 14.2.6, all versions s | 0.8%