CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

24 matches found

OSV•added 2024/03/06 11:15 a.m.•28 views

BIT-GITLAB-2022-1433

An issue has been discovered in GitLab affecting all versions starting from 14.4 before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1. Missing invalidation of Markdown caching causes potential payloads from a previously exploitable XSS...

6.1CVSS6.7AI score0.00789EPSS

Exploits0References4

Tenable Nessus•added 2024/01/03 12:0 a.m.•32 views

GitLab < 14.8.6 (CVE-2022-1428)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab affecting all versions before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1. GitLab was incorrectly...

4.3CVSS5.2AI score0.00598EPSS

Exploits0References3

OpenVAS•added 2022/06/14 12:0 a.m.•19 views

GitLab 8.12.0 < 14.8.6, 14.9.x < 14.9.4, 14.10.x < 14.10.1 Input Validation Vulnerability

GitLab is prone to an input validation vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:gitlab:gitlab"; if...

6.5CVSS6.9AI score0.01085EPSS

Exploits0References1

OpenVAS•added 2022/06/14 12:0 a.m.•12 views

GitLab 11.0.0 < 14.8.6, 14.9.x < 14.9.4, 14.10.x < 14.10.1 Information Disclosure Vulnerability

GitLab is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:gitlab:gitlab"; if...

5.3CVSS5.4AI score0.01242EPSS

Exploits0References1

OpenVAS•added 2022/06/14 12:0 a.m.•17 views

GitLab < 14.8.6, 14.9.x < 14.9.4, 14.10.x < 14.10.1 Information Disclosure Vulnerability

4.3CVSS4.5AI score0.00686EPSS

Exploits0References1

OpenVAS•added 2022/06/14 12:0 a.m.•7 views

GitLab 13.2 < 14.8.6, 14.9.0 < 14.9.4, 14.10 < 14.10.1 Information Disclosure Vulnerability

4.3CVSS4.8AI score0.00748EPSS

Exploits0References1

OpenVAS•added 2022/06/14 12:0 a.m.•18 views

GitLab 12.6.0 < 14.8.6, 14.9.x < 14.9.4, 14.10.x < 14.10.1 Authentication Vulnerability

GitLab is prone to an authentication vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:gitlab:gitlab"; if descriptio...

4.3CVSS5.1AI score0.00848EPSS

Exploits0References1

OpenVAS•added 2022/06/13 12:0 a.m.•12 views

GitLab 1.0.2 < 14.8.6, 14.9.0 < 14.9.4, 14.10.0 < 14.10.1 Multiple Vulnerabilities

GitLab is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:gitlab:gitlab"; if description...

8.8CVSS7.4AI score0.01376EPSS

Exploits1References7

Positive Technologies•added 2022/05/19 12:0 a.m.•2 views

PT-2022-13876 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 1.0.2 through 14.8.5 GitLab CE/EE versions 14.9.0 through 14.9.3 GitLab CE/EE versions 14.10.0 Description: The issue is related to improper access control in the CI/CD cache mechanism, allowing a malicious actor with...

8.8CVSS8.8AI score0.01376EPSS

Exploits0References8

Positive Technologies•added 2022/05/19 12:0 a.m.•6 views

PT-2022-13869 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 1.0.2 through 14.8.6 GitLab CE/EE versions 14.9.0 through 14.9.4 GitLab CE/EE versions 14.10.0 through 14.10.1 Description: The issue is related to missing input masking in GitLab CE/EE, which causes potentially sensitiv...

7.5CVSS7.1AI score0.00867EPSS

Exploits0References7

Tenable Nessus•added 2022/05/18 12:0 a.m.•32 views

GitLab 8.12.0 < 14.8.6 / 14.9.0 < 14.9.4 / 14.10.0 < 14.10.1 (CVE-2022-1406)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Improper input validation in GitLab CE/EE affecting all versions from 8.12 prior to 14.8.6, all versions from 14.9.0 prior to 14.9.4, and 14.10.0 allows a Developer to read protected Group or Project...

6.5CVSS6.9AI score0.01085EPSS

Exploits0References4

Tenable Nessus•added 2022/05/18 12:0 a.m.•12 views

GitLab 13.2 < 14.8.6 / 14.9.x < 14.9.4 / 14.10.x < 14.10.1 Information Disclosure

According to its self-reported version, the instance of GitLab running on the remote web server is 13.2 prior to 14.8.6, 14.9.x prior to 14.9.4, or 14.10.x prior to 14.10.1. It is, therefore, affected by the following vulnerability: - An information disclosure vulnerability exists in confidential...

5.6AI score

Exploits0References1

NVD•added 2022/05/11 3:15 p.m.•12 views

CVE-2022-1428

An issue has been discovered in GitLab affecting all versions before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1. GitLab was incorrectly verifying throttling limits for authenticated package requests which resulted in limits not being...

4.3CVSS0.00598EPSS

Exploits0References2

UbuntuCve•added 2022/05/11 3:15 p.m.•51 views

CVE-2022-1426

An issue has been discovered in GitLab affecting all versions starting from 12.6 before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1. GitLab was not correctly authenticating a user that had some certain amount of information which allowed ...

4.3CVSS6.2AI score0.00848EPSS

Exploits0References4

Prion•added 2022/05/11 3:15 p.m.•14 views

Design/Logic Flaw

4CVSS4.3AI score0.00598EPSS

Exploits0References2Affected Software1

Prion•added 2022/05/11 3:15 p.m.•24 views

Cross site scripting

4.3CVSS6AI score0.83035EPSS

Exploits3References3Affected Software1

CVE•added 2022/05/11 2:40 p.m.•117 views

CVE-2022-1428

CVE-2022-1428 affects GitLab versions prior to 14.8.6, and 14.9 prior to 14.9.4, and 14.10 prior to 14.10.1. The issue is that GitLab was incorrectly verifying throttling limits for authenticated package requests, causing limits to be unenforced. The vulnerability is documented across multiple so...

4.3CVSS4.2AI score0.00598EPSS

Exploits0References2Affected Software1