Lucene search
K

1981 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:51 a.m.6 views

CVE-2020-10076

GitLab 12.1 through 12.8.1 allows XSS. A stored cross-site scripting vulnerability was discovered when displaying merge requests...

6.1CVSS5.8AI score0.00691EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:51 a.m.3 views

CVE-2020-10535

GitLab 12.8.x before 12.8.6, when sign-up is enabled, allows remote attackers to bypass email domain restrictions within the two-day grace period for an unconfirmed email address...

5.3CVSS6.8AI score0.01016EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:51 a.m.8 views

CVE-2020-10977

GitLab EE/CE 8.5 to 12.9 is vulnerable to a an path traversal when moving an issue between projects...

5.5CVSS6.5AI score0.42741EPSS
Exploits10References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:26 a.m.5 views

CVE-2023-4011

An issue has been discovered in GitLab EE affecting all versions from 15.11 prior to 16.2.2 which allows an attacker to spike the resource consumption resulting in DoS...

7.5CVSS6.4AI score0.00656EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:25 a.m.5 views

CVE-2023-4317

An issue has been discovered in GitLab affecting all versions starting from 9.2 before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. It was possible for a user with the Developer role to update a pipeline schedule from an unprotected branch ...

4.3CVSS6.5AI score0.00426EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:25 a.m.10 views

CVE-2023-4018

An issue has been discovered in GitLab affecting all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1. Due to improper permission validation it was possible to create model experiments in public projects...

5.3CVSS6.4AI score0.00394EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:19 a.m.8 views

CVE-2021-22262

Missing access control in all GitLab versions starting from 13.12 before 14.0.9, all versions starting from 14.1 before 14.1.4, and all versions starting from 14.2 before 14.2.2 with Jira Cloud integration enabled allows Jira users without administrative privileges to add and remove Jira Connect...

5.4CVSS6.7AI score0.00705EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:19 a.m.6 views

CVE-2021-22208

An issue has been discovered in GitLab affecting versions starting with 13.5 up to 13.9.7. Improper permission check could allow the change of timestamp for issue creation or update...

4.3CVSS6.5AI score0.00756EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:19 a.m.6 views

CVE-2021-22200

An issue has been discovered in GitLab CE/EE affecting all versions starting with 12.6. Under a special condition it was possible to access data of an internal repository through a public project fork as an anonymous user...

7.5CVSS6.4AI score0.01003EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:19 a.m.4 views

CVE-2021-22217

A denial of service vulnerability in all versions of GitLab CE/EE before 13.12.2, 13.11.5 or 13.10.5 allows an attacker to cause uncontrolled resource consumption with a specially crafted issue or merge request...

6.5CVSS6.5AI score0.01845EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:19 a.m.8 views

CVE-2021-22219

All versions of GitLab CE/EE starting from 9.5 before 13.10.5, all versions starting from 13.11 before 13.11.5, and all versions starting from 13.12 before 13.12.2 allow a high privilege user to obtain sensitive information from log files because the sensitive information was not correctly...

4.9CVSS6.1AI score0.00885EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:19 a.m.10 views

CVE-2021-22178

An issue has been discovered in GitLab affecting all versions starting from 13.2. Gitlab was vulnerable to SRRF attack through the Prometheus integration...

5CVSS6.4AI score0.01114EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:18 a.m.7 views

CVE-2021-22169

An issue was identified in GitLab EE 13.4 or later which leaked internal IP address via error messages...

4.3CVSS6.5AI score0.00831EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:18 a.m.7 views

CVE-2021-22183

An issue has been discovered in GitLab affecting all versions starting with 11.8. GitLab was vulnerable to a stored XSS in the epics page, which could be exploited with user interactions...

5.4CVSS5.4AI score0.00838EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:18 a.m.8 views

CVE-2021-22238

An issue has been discovered in GitLab affecting all versions starting with 13.3. GitLab was vulnerable to a stored XSS by using the design feature in issues...

6.8CVSS5.5AI score0.71787EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:18 a.m.6 views

CVE-2021-22179

A vulnerability was discovered in GitLab versions before 12.2. GitLab was vulnerable to a SSRF attack through the Outbound Requests feature...

5.5CVSS6.4AI score0.00946EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:18 a.m.4 views

CVE-2021-22229

An issue has been discovered in GitLab CE/EE affecting all versions starting with 12.8. Under a special condition it was possible to access data of an internal repository through project fork done by a project member...

7.5CVSS6.8AI score0.01084EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:18 a.m.5 views

CVE-2021-22216

A denial of service vulnerability in all versions of GitLab CE/EE before 13.12.2, 13.11.5 or 13.10.5 allows an attacker to cause uncontrolled resource consumption with a very long issue or merge request description...

6.5CVSS6.5AI score0.01029EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:13 a.m.5 views

CVE-2022-0283

An issue has been discovered affecting GitLab versions prior to 13.5. An open redirect vulnerability was fixed in GitLab integration with Jira that a could cause the web application to redirect the request to the attacker specified URL...

6.1CVSS6.3AI score0.00739EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:12 a.m.7 views

CVE-2022-0151

An issue has been discovered in GitLab affecting all versions starting from 12.10 before 14.4.5, all versions starting from 14.5.0 before 14.5.3, all versions starting from 14.6.0 before 14.6.2. GitLab was not correctly handling requests to delete existing packages which could result in a Denial ...

6.5CVSS6.4AI score0.01112EPSS
Exploits0References1
Rows per page
Query Builder