2484 matches found
CVE-2023-2001
CVE-2023-2001 affects GitLab CE/EE across versions: all before 15.10.8, all 15.11 before 15.11.7, and 16.0 before 16.0.2. The issue allows an attacker to spoof protected tags, potentially causing a victim to download malicious code. The description does not specify affected platforms beyond GitLa...
CVE-2023-2485
CVE-2023-2485 (GitLab CE/EE) affects GitLab versions 14.1–15.10.7, 15.11–15.11.6, and 16.0–16.0.1. A malicious maintainer can escalate other project members to Owners when importing members from a project where those users are Owners. Root cause and impact are consistently described across source...
CVE-2023-2001
An issue has been discovered in GitLab CE/EE affecting all versions before 15.10.8, all versions starting from 15.11 before 15.11.7, all versions starting from 16.0 before 16.0.2. An attacker was able to spoof protected tags, which could potentially lead a victim to download malicious code...
CVE-2023-2199
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.0 before 15.10.8, all versions starting from 15.11 before 15.11.7, all versions starting from 16.0 before 16.0.2. A Regular Expression Denial of Service was possible via sending crafted payloads to the...
CVE-2023-2013
An issue has been discovered in GitLab CE/EE affecting all versions starting from 1.2 before 15.10.8, all versions starting from 15.11 before 15.11.7, all versions starting from 16.0 before 16.0.2. An issue was found that allows someone to abuse a discrepancy between the Web application display a...
CVE-2023-2015
CVE-2023-2015 concerns GitLab CE/EE with a reflected XSS in abuse report creation, affecting all versions from 15.8 before 15.10.8, 15.11 before 15.11.7, and 16.0 before 16.0.2. The root cause and impact are described in the provided documents, which state that an attacker could perform arbitrary...
CVE-2023-2198
An issue has been discovered in GitLab CE/EE affecting all versions starting from 8.7 before 15.10.8, all versions starting from 15.11 before 15.11.7, all versions starting from 16.0 before 16.0.2. A Regular Expression Denial of Service was possible via sending crafted payloads to the...
CVE-2023-0121
Removed by vendor...
CVE-2023-2198
Removed by vendor...
CVE-2023-0508
Removed by vendor...
CVE-2023-2013
Removed by vendor...
CVE-2023-2199
GitLab CE/EE (versions 12.0–15.10.7, 15.11.0–15.11.6, 16.0.0–16.0.1) is affected by CVE-2023-2199 due to a Regular Expression Denial of Service in the preview_markdown endpoint. The underlying issue is a regex-based processing path that can be triggered by crafted payloads, potentially impacting...
CVE-2023-2013
CVE-2023-2013 affects GitLab CE/EE with versions starting from 1.2 up to 15.10.8, versions from 15.11 up to 15.11.7, and 16.0 up to 16.0.2. The issue arises from a discrepancy between the web application display and the Git CLI, which can be abused to social engineer victims into cloning non-trus...
CVE-2023-2199
Removed by vendor...
CVE-2023-2015
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.8 before 15.10.8, all versions starting from 15.11 before 15.11.7, all versions starting from 16.0 before 16.0.2. A reflected XSS was possible when creating new abuse reports which allows attackers to perform...
CVE-2023-2485 Incorrect Privilege Assignment in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.1 before 15.10.8, all versions starting from 15.11 before 15.11.7, all versions starting from 16.0 before 16.0.2. A malicious maintainer in a project can escalate other users to Owners in that project if they...
CVE-2023-2132
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 15.10.8, all versions starting from 15.11 before 15.11.7, all versions starting from 16.0 before 16.0.2. A DollarMathPostFilter Regular Expression Denial of Service in was possible by sending crafted...