CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

217 matches found

RedhatCVE•added 2026/01/09 10:10 a.m.•6 views

CVE-2019-11547

An issue was discovered in GitLab Community and Enterprise Edition before 11.8.9, 11.9.x before 11.9.10, and 11.10.x before 11.10.2. It has Improper Encoding or Escaping of Output. The branch name on new merge request notification emails isn't escaped, which could potentially lead to XSS issues...

6.1CVSS5.8AI score0.01139EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 9:25 a.m.•4 views

CVE-2023-4895

An issue has been discovered in GitLab EE affecting all versions starting from 12.0 to 16.7.6, all versions starting from 16.8 before 16.8.3, all versions starting from 16.9 before 16.9.1. This vulnerability allows for bypassing the 'group ip restriction' settings to access environment details of...

4.3CVSS6.5AI score0.00376EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:19 a.m.•4 views

CVE-2021-22187

An issue has been discovered in GitLab affecting all versions of Gitlab EE/CE before 13.6.7. A potential resource exhaustion issue that allowed running or pending jobs to continue even after project was deleted...

4.3CVSS6.4AI score0.01038EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:19 a.m.•9 views

CVE-2021-22198

An issue has been discovered in GitLab CE/EE affecting all versions from 13.8 and above allowing an authenticated user to delete incident metric images of public projects...

4.3CVSS6.3AI score0.01077EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:54 a.m.•10 views

CVE-2025-1540

An issue has been discovered in GitLab CE/EE for Self-Managed and Dedicated instances affecting all versions from 17.5 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2. It was possible for a user added as an External to read and clone internal projects under certain circumstances."...

4.2CVSS6.4AI score0.0022EPSS

Exploits1References1

RedhatCVE•added 2026/01/07 9:28 a.m.•6 views

CVE-2019-12433

An issue was discovered in GitLab Community and Enterprise Edition 11.7 through 11.11. It has Improper Input Validation. Restricted visibility settings allow creating internal projects in private groups, leading to multiple permission issues...

5.3CVSS6.5AI score0.00819EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:9 a.m.•11 views

CVE-2024-2878

An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.7 prior to 16.9.7, starting from 16.10 prior to 16.10.5, and starting from 16.11 prior to 16.11.2. It was possible for an attacker to cause a denial of service by crafting unusual search terms for branch names...

7.5CVSS6.3AI score0.17649EPSS

Exploits0References1