Vulnerabilities in GitLab
1,068 results

CVE-2022-3767 | HIGH | Missing validation in DAST analyzer affecting all versions from 1.11.0 prior to 3.0.32, allows custom request headers to be sent with every | EPSS 0.7%
CVE-2020-13286 | MEDIUM | For GitLab before 13.0.12, 13.1.6, 13.2.3 user controlled git configuration settings can be modified to result in Server Side Request Forger | EPSS 0.7%
CVE-2023-6688 | MEDIUM | Inefficient Regular Expression Complexity in GitLab | EPSS 0.7%
CVE-2023-6682 | MEDIUM | Inefficient Regular Expression Complexity in GitLab | EPSS 0.7%
CVE-2022-2512 | MEDIUM | An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.0 before 15.0.5, all versions starting from 15.1 before | EPSS 0.7%
CVE-2023-0319 | MEDIUM | An issue has been discovered in GitLab affecting all versions starting from 13.6 before 15.8.5, all versions starting from 15.9 before 15.9. | EPSS 0.7%
CVE-2022-4331 | MEDIUM | An issue has been discovered in GitLab EE affecting all versions starting from 15.1 before 15.7.8, all versions starting from 15.8 before 15 | EPSS 0.7%
CVE-2022-3513 | MEDIUM | An issue has been discovered in GitLab affecting all versions starting from 12.8 before 15.8.5, all versions starting from 15.9 before 15.9. | EPSS 0.7%
CVE-2023-5332 | MEDIUM | Dependency on Vulnerable Third-Party Component in GitLab | EPSS 0.7%
CVE-2021-22220 | MEDIUM | An issue has been discovered in GitLab affecting all versions starting with 13.10. GitLab was vulnerable to a stored XSS in blob viewer of n | EPSS 0.7%
CVE-2022-0283 | MEDIUM | An issue has been discovered affecting GitLab versions prior to 13.5. An open redirect vulnerability was fixed in GitLab integration with Ji | EPSS 0.7%
CVE-2021-39918 | LOW | Incorrect Authorization in GitLab EE affecting all versions starting from 11.1 before 14.3.6, all versions starting from 14.4 before 14.4.4, | EPSS 0.7%
CVE-2023-3385 | MEDIUM | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in GitLab | EPSS 0.7%
CVE-2023-3904 | MEDIUM | Improper Validation of Specified Type of Input in GitLab | EPSS 0.7%
CVE-2022-2095 | MEDIUM | An improper access control check in GitLab CE/EE affecting all versions starting from 13.7 before 15.0.5, all versions starting from 15.1 be | EPSS 0.7%
CVE-2022-2281 | LOW | An information disclosure vulnerability in GitLab EE affecting all versions from 12.5 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior | EPSS 0.7%
CVE-2023-0838 | MEDIUM | An issue has been discovered in GitLab affecting versions starting from 15.1 before 15.8.5, 15.9 before 15.9.4, and 15.10 before 15.10.1. A | EPSS 0.7%
CVE-2022-2235 | HIGH | Insufficient sanitization in GitLab EE's external issue tracker affecting all versions from 14.5 prior to 14.10.5, 15.0 prior to 15.0.4, and | EPSS 0.7%
CVE-2022-4342 | MEDIUM | An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.1 before 15.5.7, all versions starting from 15.6 before | EPSS 0.7%
CVE-2022-1105 | MEDIUM | An improper access control vulnerability in GitLab CE/EE affecting all versions from 13.11 prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 p | EPSS 0.7%