Lucene search
K

14 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2023-3922

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab affecting all versions starting from 8.15 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions...

7.1CVSS6.8AI score0.00387EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2023/10/03 4:54 p.m.37 views

CVE-2023-5207

A vulnerability was discovered in GitLab CE and EE affecting all versions starting 16.0 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1. An authenticated attacker could perform arbitrary pipeline execution under the context of another user...

8.2CVSS6.8AI score0.01094EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/10/02 12:0 a.m.3 views

PT-2023-31754 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab EE versions 13.12 through 16.2.8 GitLab EE versions 16.3.0 through 16.3.5 GitLab EE versions 16.4.0 through 16.4.1 Description: An issue has been discovered in Ultimate-licensed GitLab EE that could allow an attacker to impersonate use...

8.2CVSS6.7AI score0.00526EPSS
Exploits0References10
NVD
NVD
added 2023/09/29 8:15 a.m.15 views

CVE-2023-5198

An issue has been discovered in GitLab affecting all versions prior to 16.2.7, all versions starting from 16.3 before 16.3.5, and all versions starting from 16.4 before 16.4.1. It was possible for a removed project member to write to protected branches using deploy keys...

4.3CVSS4.7AI score0.00425EPSS
Exploits0References2
Prion
Prion
added 2023/09/29 8:15 a.m.32 views

Code injection

An issue has been discovered in GitLab affecting all versions starting from 8.15 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. It was possible to hijack some links and buttons on the GitLab UI to a malicious page...

6.8CVSS6.7AI score0.00387EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2023/09/29 7:15 a.m.11 views

CVE-2023-3917

Denial of Service in pipelines affecting all versions of Gitlab EE and CE prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1 allows attacker to cause pipelines to fail...

7.5CVSS5.8AI score0.00776EPSS
Exploits0References2
OSV
OSV
added 2023/09/29 7:15 a.m.1 views

UBUNTU-CVE-2023-3917

Denial of Service in pipelines affecting all versions of Gitlab EE and CE prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1 allows attacker to cause pipelines to fail...

7.5CVSS5.8AI score0.00776EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/09/29 6:30 a.m.20 views

CVE-2023-0989 Improper Ownership Management in GitLab

An information disclosure issue in GitLab CE/EE affecting all versions starting from 13.11 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1 allows an attacker to extract non-protected CI/CD variables by tricking a user to visit a fork with a malicious CI/CD configuration...

4.3CVSS4.4AI score0.00429EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/09/29 12:0 a.m.5 views

GitLab CE/EE Security Vulnerabilities

GitLab Enterprise Edition EE and GitLab Community Edition CE are both products of GitLab, Inc. GitLab Enterprise Edition is a content management system. GitLab Enterprise Edition is a content management system. A security vulnerability exists in GitLab CE/EE. An attacker could exploit this...

7.5CVSS6.5AI score0.00776EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/09/29 12:0 a.m.38 views

GitLab 16.2 < 16.2.8 / 16.3 < 16.3.5 / 16.4 < 16.4.1 (CVE-2023-4532)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab affecting all versions starting from 16.2 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. Users were...

4.3CVSS5.1AI score0.0044EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/09/29 12:0 a.m.24 views

GitLab 15.3 < 16.2.8 / 16.3 < 16.3.5 / 16.4 < 16.4.1 (CVE-2023-4379)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab EE affecting all versions starting from 15.3 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1. Code owner approval was not removed from merge...

8.1CVSS7.3AI score0.00502EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/09/28 12:0 a.m.2 views

PT-2023-29496 · Gitlab · Gitlab

Name of the Vulnerable Software and Affected Versions: GitLab versions 16.2 through 16.2.7 GitLab versions 16.3 through 16.3.4 GitLab versions 16.4 through 16.4.0 Description: An issue has been discovered in GitLab where users were capable of linking CI/CD jobs of private projects which they are...

4.3CVSS6.6AI score0.0044EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2023/09/28 12:0 a.m.3 views

PT-2023-26802 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab EE versions prior to 16.2.8 GitLab EE version 16.3 prior to 16.3.5 GitLab EE version 16.4 prior to 16.4.1 Description: A business logic error in GitLab EE allows access to internal projects. This occurs because a service account is not...

5.4CVSS6.5AI score0.00367EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2023/09/28 12:0 a.m.2 views

PT-2023-26824 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: Gitlab EE and CE versions prior to 16.2.8 Gitlab EE and CE version 16.3 prior to 16.3.5 Gitlab EE and CE version 16.4 prior to 16.4.1 Description: The issue allows an attacker to cause pipelines to fail, resulting in a Denial of Service. This...

7.5CVSS6.8AI score0.00776EPSS
Exploits0References12
Rows per page
Query Builder