CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

OSV•added 2024/03/06 11:13 a.m.•15 views

BIT-GITLAB-2022-4201

A blind SSRF in GitLab CE/EE affecting all from 11.3 prior to 15.4.6, 15.5 prior to 15.5.5, and 15.6 prior to 15.6.1 allows an attacker to connect to local addresses when configuring a malicious GitLab Runner...

5.3CVSS4.2AI score0.00104EPSS

Exploits1References3

OSV•added 2024/03/06 11:13 a.m.•13 views

BIT-GITLAB-2022-4335

A blind SSRF vulnerability was identified in all versions of GitLab EE prior to 15.4.6, 15.5 prior to 15.5.5, and 15.6 prior to 15.6.1 which allows an attacker to connect to a local host...

4.3CVSS4.1AI score0.00368EPSS

Exploits1References4

Prion•added 2023/01/27 10:15 p.m.•16 views

Server side request forgery (ssrf)

5CVSS5.1AI score0.00104EPSS

Exploits1References2Affected Software1

UbuntuCve•added 2023/01/27 6:15 p.m.•36 views

CVE-2022-4335

A blind SSRF vulnerability was identified in all versions of GitLab EE prior to 15.4.6, 15.5 prior to 15.5.5, and 15.6 prior to 15.6.1 which allows an attacker to connect to a local host...

4.3CVSS5.9AI score0.00368EPSS

Exploits1References4

Cvelist•added 2023/01/27 12:0 a.m.•14 views

CVE-2022-4205

In Gitlab EE/CE before 15.6.1, 15.5.5 and 15.4.6 using a branch with a hexadecimal name could override an existing hash...

6.3CVSS7.8AI score0.00082EPSS

Exploits1References2

Vulnrichment•added 2023/01/27 12:0 a.m.•5 views

CVE-2022-4205

In Gitlab EE/CE before 15.6.1, 15.5.5 and 15.4.6 using a branch with a hexadecimal name could override an existing hash...

6.3CVSS7.5AI score0.00082EPSS

Exploits1References2

UbuntuCve•added 2023/01/26 9:18 p.m.•22 views

CVE-2022-4054

An issue has been discovered in GitLab affecting all versions starting from 9.3 before 15.4.6, all versions starting from 15.5 before 15.5.5, all versions starting from 15.6 before 15.6.1. It was possible for a project maintainer to leak a webhook secret token by changing the webhook URL to an...

5.5CVSS6AI score0.00229EPSS

Exploits1References1

Positive Technologies•added 2023/01/24 12:0 a.m.•3 views

PT-2023-13824 · Gitlab · Gitlab

Name of the Vulnerable Software and Affected Versions: GitLab versions 9.3 through 15.4.5 GitLab versions 15.5 through 15.5.4 GitLab versions 15.6 through 15.6.0 Description: An issue has been discovered in GitLab where a project maintainer could leak a webhook secret token by changing the webhoo...

5.5CVSS5AI score0.00229EPSS

Exploits1References11

Cvelist•added 2023/01/24 12:0 a.m.•14 views

CVE-2022-3902

An issue has been discovered in GitLab affecting all versions starting from 9.3 before 15.4.6, all versions starting from 15.5 before 15.5.5, all versions starting from 15.6 before 15.6.1. It was possible for a project maintainer to unmask webhook secret tokens by reviewing the logs after testing...

5.5CVSS6.6AI score0.00223EPSS

Exploits1References3