GitLab Exposure
Development, Issue trackers
331 exposure score
761 sites use it
4 under exploitation
24 critical
CVEs
1068 results
CVE-2022-2456 | MEDIUM | An issue has been discovered in GitLab CE/EE affecting all versions before 15.0.5, all versions starting from 15.1 before 15.1.4, all versio | EPSS 0.8%
CVE-2021-39902 | MEDIUM | Incorrect Authorization in GitLab CE/EE 13.4 or above allows a user with guest membership in a project to modify the severity of an incident | EPSS 0.8%
CVE-2019-15586 | — | A XSS exists in Gitlab CE/EE < 12.1.10 in the Mermaid plugin. | EPSS 0.8%
CVE-2022-4376 | LOW | An issue has been discovered in GitLab affecting all versions before 15.9.6, all versions starting from 15.10 before 15.10.5, all versions s | EPSS 0.8%
CVE-2025-12562 | HIGH | Allocation of Resources Without Limits or Throttling in GitLab | EPSS 0.8%
CVE-2023-3424 | HIGH | Inefficient Regular Expression Complexity in GitLab | EPSS 0.8%
CVE-2023-0508 | LOW | Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') in GitLab | EPSS 0.8%
CVE-2020-13359 | HIGH | The Terraform API in GitLab CE/EE 12.10+ exposed the object storage signed URL on the delete operation allowing a malicious project maintain | EPSS 0.8%
CVE-2021-22208 | MEDIUM | An issue has been discovered in GitLab affecting versions starting with 13.5 up to 13.9.7. Improper permission check could allow the change | EPSS 0.8%
CVE-2020-13357 | MEDIUM | An issue was discovered in Gitlab CE/EE versions >= 13.1 to <13.4.7, >= 13.5 to <13.5.5, and >= 13.6 to <13.6.2 allowed an unauthorized user | EPSS 0.8%
CVE-2022-2428 | MEDIUM | A crafted tag in the Jupyter Notebook viewer in GitLab EE/CE affecting all versions before 15.1.6, 15.2 to 15.2.4, and 15.3 to 15.3.2 allows | EPSS 0.8%
CVE-2023-1836 | MEDIUM | A cross-site scripting issue has been discovered in GitLab affecting all versions starting from 5.1 before 15.9.6, all versions starting fro | EPSS 0.8%
CVE-2021-39937 | MEDIUM | A collision in access memoization logic in all versions of GitLab CE/EE before 14.3.6, all versions starting from 14.4 before 14.4.4, all ve | EPSS 0.8%
CVE-2023-1787 | MEDIUM | An issue has been discovered in GitLab affecting all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.1 | EPSS 0.8%
CVE-2024-8233 | HIGH | Inefficient Algorithmic Complexity in GitLab | EPSS 0.8%
CVE-2022-4335 | MEDIUM | A blind SSRF vulnerability was identified in all versions of GitLab EE prior to 15.4.6, 15.5 prior to 15.5.5, and 15.6 prior to 15.6.1 which | EPSS 0.8%
CVE-2022-1545 | MEDIUM | It was possible to disclose details of confidential notes created via the API in Gitlab CE/EE affecting all versions from 13.2 prior to 14.8 | EPSS 0.7%
CVE-2021-39883 | MEDIUM | Improper authorization checks in all versions of GitLab EE starting from 13.11 before 14.1.7, all versions starting from 14.2 before 14.2.5, | EPSS 0.7%
CVE-2021-22232 | LOW | HTML injection was possible via the full name field before versions 13.11.6, 13.12.6, and 14.0.2 in GitLab CE | EPSS 0.7%
CVE-2022-3767 | HIGH | Missing validation in DAST analyzer affecting all versions from 1.11.0 prior to 3.0.32, allows custom request headers to be sent with every | EPSS 0.7%