GitLab Exposure
Development, Issue trackers
Exposure score: 312
Sites using it: 761
Under exploitation: 4
Critical: 24
CVEs
1,055 results

CVE-2021-22205 (CRITICAL, EPSS 99.7%, KEV): An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validating image files that
CVE-2023-7028 (CRITICAL, EPSS 95.0%, KEV): Weak Password Recovery Mechanism for Forgotten Password in GitLab
CVE-2021-22175 (MEDIUM, EPSS 53.4%, KEV): When requests to the internal network for webhooks are enabled, a server-side request forgery vulnerability in GitLab affecting all versions
CVE-2021-39935 (MEDIUM, EPSS 30.5%, KEV): An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.5 before 14.3.6, all versions starting from 14.4 before
CVE-2023-2442 (HIGH, EPSS 96.1%): An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.11 before 15.11.7, all versions starting from 16.0 befo
CVE-2023-0050 (HIGH, EPSS 92.4%): An issue has been discovered in GitLab affecting all versions starting from 13.7 before 15.7.8, all versions starting from 15.8 before 15.8.
CVE-2022-1190 (HIGH, EPSS 87.4%): Improper handling of user input in GitLab CE/EE versions 8.3 prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 allowed an atta
CVE-2022-3265 (HIGH, EPSS 86.3%): A cross-site scripting issue has been discovered in GitLab CE/EE affecting all versions prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prio
CVE-2022-2992 (CRITICAL, EPSS 86.2%): A vulnerability in GitLab CE/EE affecting all versions from 11.10 prior to 15.1.6, 15.2 to 15.2.4, 15.3 to 15.3.2 allows an authenticated us
CVE-2023-0921 (MEDIUM, EPSS 84.4%): Allocation of Resources Without Limits or Throttling in GitLab
CVE-2022-1175 (HIGH, EPSS 82.0%): Improper neutralization of user input in GitLab CE/EE versions 14.4 before 14.7.7, all versions starting from 14.8 before 14.8.5, all versio
CVE-2021-4191 (MEDIUM, EPSS 80.0%): An issue has been discovered in GitLab CE/EE affecting versions 13.0 to 14.6.5, 14.7 to 14.7.4, and 14.8 to 14.8.2. Private GitLab instances
CVE-2022-2185 (CRITICAL, EPSS 76.9%): A critical issue has been discovered in GitLab affecting all versions starting from 14.0 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 pr
CVE-2022-1162 (CRITICAL, EPSS 76.2%): A hardcoded password was set for accounts registered using an OmniAuth provider (e.g. OAuth, LDAP, SAML) in GitLab CE/EE versions 14.7 prior
CVE-2022-2884 (CRITICAL, EPSS 75.7%): A vulnerability in GitLab CE/EE affecting all versions from 11.3.4 prior to 15.1.5, 15.2 to 15.2.3, 15.3 to 15.3 to 15.3.1 allows an auth
CVE-2021-22238 (MEDIUM, EPSS 71.8%): An issue has been discovered in GitLab affecting all versions starting with 13.3. GitLab was vulnerable to a stored XSS by using the design
CVE-2023-2825 (CRITICAL, EPSS 71.6%): An issue has been discovered in GitLab CE/EE affecting only version 16.0.0. An unauthenticated malicious user can use a path traversal vulne
CVE-2020-13340 (HIGH, EPSS 68.6%): An issue has been discovered in GitLab affecting all versions prior to 13.2.10, 13.3.7 and 13.4.2: Stored XSS in CI Job Log
CVE-2023-2164 (MEDIUM, EPSS 63.8%): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab
CVE-2021-22242 (HIGH, EPSS 63.6%): Insufficient input sanitization in Mermaid markdown in GitLab CE/EE version 11.4 and up allows an attacker to exploit a stored cross-site sc