| # | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail. | Description |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 1 | CVE-2022-1680 | | | | 2022-06-06 | 2022-06-17 | 6.5 | None | Remote | Low | Single system | Partial | Partial | Partial | An account takeover issue has been discovered in GitLab EE affecting all versions starting from 11.10 before 14.9.5, all versions starting from 14.10 before 14.10.4, all versions starting from 15.0 before 15.0.1. When group SAML SSO is configured, the SCIM feature (available only on Premium+ subscriptions) may allow any owner of a Premium group to invite arbitrary users through their username and email, then change those users' email addresses via SCIM to an attacker-controlled email address and thus, in the absence of 2FA, take over those accounts. It is also possible for the attacker to change the display name and username of the targeted account. |
| 2 | CVE-2022-1423 | 863 | | Exec Code | 2022-05-19 | 2022-06-02 | 6.5 | None | Remote | Low | Single system | Partial | Partial | Partial | Improper access control in the CI/CD cache mechanism in GitLab CE/EE affecting all versions starting from 1.0.2 before 14.8.6, all versions from 14.9.0 before 14.9.4, and all versions from 14.10.0 before 14.10.1 allows a malicious actor with Developer privileges to perform cache poisoning leading to arbitrary code execution in protected branches. |
| 3 | CVE-2022-0751 | | | | 2022-03-28 | 2022-04-05 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | Inaccurate display of Snippet files containing special characters in all versions of GitLab CE/EE allows an attacker to create Snippets with misleading content which could trick unsuspecting users into executing arbitrary commands. |
| 4 | CVE-2022-0427 | 352 | | | 2022-03-28 | 2022-04-04 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | Missing sanitization of HTML attributes in Jupyter notebooks in all versions of GitLab CE/EE since version 14.5 allows an attacker to perform arbitrary HTTP POST requests on a user's behalf, leading to potential account takeover. |
| 5 | CVE-2022-0425 | 918 | | | 2022-04-01 | 2022-04-12 | 6.5 | None | Remote | Low | Single system | Partial | Partial | Partial | A DNS rebinding vulnerability in the Irker IRC Gateway integration in all versions of GitLab CE/EE since version 7.9 allows an attacker to trigger Server Side Request Forgery (SSRF) attacks. |
| 6 | CVE-2022-0249 | 918 | | | 2022-03-28 | 2022-04-04 | 6.4 | None | Remote | Low | Not required | Partial | Partial | None | A vulnerability was discovered in GitLab starting with version 12. GitLab was vulnerable to a blind SSRF attack since requests to shared address space were not blocked. |
| 7 | CVE-2022-0172 | 863 | | Bypass | 2022-01-18 | 2022-01-25 | 6.4 | None | Remote | Low | Not required | Partial | Partial | None | An issue has been discovered in GitLab CE/EE affecting all versions starting with 12.3. Under certain conditions it was possible to bypass the IP restriction for public projects through GraphQL, allowing unauthorised users to read titles of issues, merge requests and milestones. |
| 8 | CVE-2022-0154 | 352 | | CSRF | 2022-01-18 | 2022-01-26 | 6.0 | None | Remote | Medium | Single system | Partial | Partial | Partial | An issue has been discovered in GitLab affecting all versions starting from 7.7 before 14.4.5, all versions starting from 14.5.0 before 14.5.3, all versions starting from 14.6.0 before 14.6.2. GitLab was vulnerable to a Cross-Site Request Forgery attack that allows a malicious user to have their GitHub project imported on another GitLab user's account. |
| 9 | CVE-2021-39937 | 269 | | | 2021-12-13 | 2021-12-15 | 6.5 | None | Remote | Low | Single system | Partial | Partial | Partial | A collision in access memoization logic in all versions of GitLab CE/EE before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2, leads to potential elevated privileges in groups and projects under rare circumstances. |
| 10 | CVE-2021-22236 | 863 | | | 2021-08-25 | 2021-08-31 | 6.5 | None | Remote | Low | Single system | Partial | Partial | Partial | Due to improper handling of OAuth client IDs, new subscriptions generated OAuth tokens on an incorrect OAuth client application. This vulnerability is present in GitLab CE/EE since version 14.1. |
| 11 | CVE-2021-22230 | | | | 2021-07-07 | 2021-07-09 | 6.5 | None | Remote | Low | Single system | Partial | Partial | Partial | Improper code rendering while rendering merge requests could be exploited to submit malicious code. This vulnerability affects GitLab CE/EE 9.3 and later through 13.11.6, 13.12.6, and 14.0.2. |
| 12 | CVE-2021-22221 | 613 | | | 2021-06-08 | 2021-06-15 | 6.4 | None | Remote | Low | Not required | Partial | Partial | None | An issue has been discovered in GitLab affecting all versions starting from 12.9.0 before 13.10.5, all versions starting from 13.11.0 before 13.11.5, all versions starting from 13.12.0 before 13.12.2. Insufficient expired-password validation in various operations allows a user to maintain limited access after their password has expired. |
| 13 | CVE-2021-22192 | | | Exec Code | 2021-03-24 | 2021-03-26 | 6.5 | None | Remote | Low | Single system | Partial | Partial | Partial | An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.2 allowing unauthorized authenticated users to execute arbitrary code on the server. |
| 14 | CVE-2021-22189 | 295 | | | 2021-03-04 | 2021-03-10 | 6.5 | None | Remote | Low | Single system | Partial | Partial | Partial | Starting with version 13.7, the GitLab CE/EE editions were affected by a security issue related to the validation of the certificates for the Fortinet OTP that could result in authentication issues. |
| 15 | CVE-2021-22175 | 918 | | | 2021-06-11 | 2021-06-21 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | When requests to the internal network for webhooks are enabled, a server-side request forgery vulnerability in GitLab affecting all versions starting from 10.5 was possible to exploit for an unauthenticated attacker, even on a GitLab instance where registration is disabled. |
| 16 | CVE-2020-13356 | | | Bypass | 2020-11-19 | 2020-12-01 | 6.4 | None | Remote | Low | Not required | Partial | Partial | None | An issue has been discovered in GitLab CE/EE affecting all versions starting from 8.8.9. A specially crafted request could bypass Multipart protection and read files in certain specific paths on the server. Affected versions are: >=8.8.9 and <13.3.9; >=13.4 and <13.4.5; >=13.5 and <13.5.2. |
| 17 | CVE-2020-13339 | 79 | | XSS | 2020-10-08 | 2020-10-08 | 6.0 | None | Remote | Medium | Single system | Partial | Partial | Partial | An issue has been discovered in GitLab affecting all versions before 13.2.10, 13.3.7 and 13.4.2: XSS in SVG File Preview. Overall impact is limited because only the current user is affected. |
| 18 | CVE-2020-13322 | 863 | | | 2020-09-30 | 2020-10-02 | 6.5 | None | Remote | Low | Single system | Partial | Partial | Partial | A vulnerability was discovered in GitLab versions after 12.9. Due to improper verification of permissions, an unauthorized user can create and delete deploy tokens. |
| 19 | CVE-2020-13321 | | | Bypass | 2020-09-30 | 2020-10-02 | 6.5 | None | Remote | Low | Single system | Partial | Partial | Partial | A vulnerability was discovered in GitLab versions prior to 13.1. Username format restrictions could be bypassed, allowing HTML tags to be added. |
| 20 | CVE-2020-13309 | 918 | | | 2020-09-14 | 2020-09-21 | 6.5 | None | Remote | Low | Single system | Partial | Partial | Partial | A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. GitLab was vulnerable to a blind SSRF attack through the repository mirroring feature. |
| 21 | CVE-2020-13307 | 613 | | | 2020-09-15 | 2020-09-18 | 6.0 | None | Remote | Medium | Single system | Partial | Partial | Partial | A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. GitLab was not revoking current user sessions when two-factor authentication was activated, allowing a malicious user to maintain their access. |
| 22 | CVE-2020-13304 | 287 | | | 2020-09-14 | 2021-07-21 | 6.5 | None | Remote | Low | Single system | Partial | Partial | Partial | A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. The same two-factor authentication secret was generated, which allowed an attacker to maintain access under certain conditions. |
| 23 | CVE-2020-13302 | 613 | | | 2020-09-14 | 2020-09-17 | 6.5 | None | Remote | Low | Single system | Partial | Partial | Partial | A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. Under certain conditions GitLab was not properly revoking user sessions and allowed a malicious user to access a user account with an old password. |
| 24 | CVE-2020-13300 | 863 | | | 2020-09-14 | 2023-02-03 | 6.4 | None | Remote | Low | Not required | Partial | Partial | None | GitLab CE/EE version 13.3 prior to 13.3.4 was vulnerable to an OAuth authorization scope change without user consent in the middle of the authorization flow. |
| 25 | CVE-2020-13290 | 287 | | | 2020-08-12 | 2021-12-22 | 6.5 | None | Remote | Low | Single system | Partial | Partial | Partial | In GitLab before 13.0.12, 13.1.6, and 13.2.3, improper access control was used on the Applications page. |
| 26 | CVE-2020-13272 | 863 | | | 2020-06-19 | 2021-07-21 | 6.5 | None | Remote | Low | Single system | Partial | Partial | Partial | Missing verification checks in the OAuth flow in GitLab CE/EE 12.3 and later through 13.0.1 allow an unverified user to use the OAuth authorization code flow. |
| 27 | CVE-2020-13270 | 862 | | | 2020-06-10 | 2022-07-12 | 6.5 | None | Remote | Low | Single system | Partial | Partial | Partial | A missing permission check on fork relation creation in GitLab CE/EE 11.3 and later through 13.0.1 allows guest users to create a fork relation on restricted public projects via the API. |
| 28 | CVE-2020-13263 | 863 | | | 2020-06-19 | 2020-07-01 | 6.5 | None | Remote | Low | Single system | Partial | Partial | Partial | An authorization issue relating to project maintainer impersonation was identified in GitLab EE 9.5 and later through 13.0.1 that could allow unauthorized users to impersonate a maintainer to perform limited actions. |
| 29 | CVE-2020-10083 | 281 | | | 2020-03-13 | 2020-03-17 | 6.4 | None | Remote | Low | Not required | Partial | Partial | None | GitLab 12.7 through 12.8.1 has Insecure Permissions. Under certain conditions involving groups, project authorization changes were not being applied. |
| 30 | CVE-2019-19261 | 918 | | | 2020-01-03 | 2020-01-09 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | GitLab Enterprise Edition (EE) 6.7 and later through 12.5 allows SSRF. |
| 31 | CVE-2019-18457 | 281 | | | 2019-11-26 | 2019-11-27 | 6.5 | None | Remote | Low | Single system | Partial | Partial | Partial | An issue was discovered in GitLab Community and Enterprise Edition 11.8 through 12.4 when handling Security tokens. It has Insecure Permissions. |
| 32 | CVE-2019-15737 | | | | 2019-09-16 | 2020-08-24 | 6.4 | None | Remote | Low | Not required | Partial | Partial | None | An issue was discovered in GitLab Community and Enterprise Edition through 12.2.1. Certain account actions needed improved authentication and session management. |
| 33 | CVE-2019-15589 | | | | 2019-12-18 | 2019-12-27 | 6.5 | None | Remote | Low | Single system | Partial | Partial | Partial | An improper access control vulnerability exists in GitLab before 12.3.2, 12.2.6 and 12.1.12 that allowed a blocked user to continue to git clone and pull if they had obtained a CI/CD token beforehand. |
| 34 | CVE-2019-12430 | 78 | | Exec Code | 2020-03-10 | 2021-07-21 | 6.5 | None | Remote | Low | Single system | Partial | Partial | Partial | An issue was discovered in GitLab Community and Enterprise Edition 11.11. A specially crafted payload would allow an authenticated malicious user to execute commands remotely through the repository download feature. It allows Command Injection. |
| 35 | CVE-2019-9890 | | | | 2019-04-17 | 2020-08-24 | 6.4 | None | Remote | Low | Not required | Partial | Partial | None | An issue was discovered in GitLab Community and Enterprise Edition 10.x and 11.x before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Insecure Permissions. |
| 36 | CVE-2019-7353 | 200 | | +Info | 2019-05-17 | 2020-08-24 | 6.4 | None | Remote | Low | Not required | Partial | Partial | None | An Incorrect Access Control issue was discovered in GitLab Community and Enterprise Edition 11.7.x before 11.7.4. GitLab Releases were vulnerable to an authorization issue that allowed users to view confidential issue and merge request titles of other projects. |
| 37 | CVE-2019-6793 | 918 | | | 2019-09-09 | 2019-09-10 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | An issue was discovered in GitLab Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. The Jira integration feature is vulnerable to an unauthenticated blind SSRF issue. |
| 38 | CVE-2019-6783 | 22 | | Exec Code Dir. Trav. | 2019-09-09 | 2019-09-10 | 6.5 | None | Remote | Low | Single system | Partial | Partial | Partial | An issue was discovered in GitLab Community and Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. GitLab Pages contains a directory traversal vulnerability that could lead to remote command execution. |
| 39 | CVE-2019-5883 | | | | 2019-05-17 | 2020-08-24 | 6.4 | None | Remote | Low | Not required | Partial | Partial | None | An Incorrect Access Control issue was discovered in GitLab Community and Enterprise Edition 6.0 and later but before 11.3.11, 11.4.x before 11.4.8, and 11.5.x before 11.5.1. The issue comments feature could allow a user to comment on an issue which they shouldn't be allowed to. |
| 40 | CVE-2019-5486 | 287 | | Bypass | 2019-12-18 | 2019-12-30 | 6.5 | None | Remote | Low | Single system | Partial | Partial | Partial | An authentication bypass vulnerability exists in GitLab CE/EE before 12.3.2, 12.2.6, and 12.1.10 in the Salesforce login integration that could be used by an attacker to create an account that bypassed domain restrictions and email verification requirements. |
| 41 | CVE-2019-5473 | 287 | | Bypass | 2019-09-09 | 2023-02-23 | 6.5 | None | Remote | Low | Single system | Partial | Partial | Partial | An authentication issue was discovered in GitLab that allowed a bypass of email verification. This was addressed in GitLab 12.1.2 and 12.0.4. |
| 42 | CVE-2019-5468 | 269 | | | 2020-01-28 | 2020-02-05 | 6.5 | None | Remote | Low | Single system | Partial | Partial | Partial | A privilege escalation issue was discovered in GitLab versions before 12.1.2, 12.0.4, and 11.11.6 when Mattermost slash commands are used with a blocked account. |
| 43 | CVE-2019-5462 | 613 | | | 2020-01-28 | 2020-08-24 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | A privilege escalation issue was discovered in GitLab CE/EE 9.0 and later when trigger tokens are not rotated once ownership of them has changed. |
| 44 | CVE-2018-20501 | 862 | | | 2019-12-30 | 2020-01-08 | 6.5 | None | Remote | Low | Single system | Partial | Partial | Partial | An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It has Incorrect Access Control. |
| 45 | CVE-2018-20499 | 918 | | | 2019-12-30 | 2020-01-07 | 6.4 | None | Remote | Low | Not required | Partial | Partial | None | An issue was discovered in GitLab Community and Enterprise Edition 11.x before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It allows SSRF. |
| 46 | CVE-2018-19576 | 284 | | | 2019-07-10 | 2019-07-11 | 6.4 | None | Remote | Low | Not required | None | Partial | Partial | GitLab CE/EE, versions 8.6 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an access control issue that allows a Guest user to make changes to or delete their own comments on an issue after the issue was made Confidential. |
| 47 | CVE-2018-19569 | 285 | | | 2019-07-10 | 2019-07-11 | 6.5 | None | Remote | Low | Single system | Partial | Partial | Partial | GitLab CE/EE, versions 8.8 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an authorization vulnerability that allows access to the web UI as a user using a Personal Access Token of any scope. |
| 48 | CVE-2018-19359 | | | | 2019-04-25 | 2019-10-03 | 6.5 | None | Remote | Low | Single system | Partial | Partial | Partial | GitLab Community and Enterprise Edition 8.9 and later and before 11.5.0-rc12, 11.4.6, and 11.3.10 has Incorrect Access Control. |
| 49 | CVE-2018-18646 | 918 | | | 2018-12-04 | 2018-12-27 | 6.5 | None | Remote | Low | Single system | Partial | Partial | Partial | An issue was discovered in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. It allows SSRF. |
| 50 | CVE-2018-14603 | 352 | | CSRF | 2018-07-27 | 2018-09-18 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | An issue was discovered in GitLab Community and Enterprise Edition before 10.8.7, 11.0.x before 11.0.5, and 11.1.x before 11.1.2. CSRF can occur in the Test feature of the System Hooks component. |
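Entries 5 and 6 (CVE-2022-0425, DNS rebinding in the Irker integration; CVE-2022-0249, shared address space not blocked) and the other SSRF rows (webhooks, repository mirroring, Jira) all come down to one outbound-request check: resolve the target yourself, reject any answer in a forbidden range, and connect only to the address you checked. The Ruby below is an added illustration of that check; it is not GitLab's own code. The `StaticResolver` class, the hostnames and the addresses are constructed so the block runs offline; in production you would pass a real `Resolv::DNS` instance.

```ruby
require 'ipaddr'
require 'uri'
require 'resolv'

# Address ranges a server-initiated request (webhook, Irker, mirror, Jira)
# must never reach. 100.64.0.0/10 is the RFC 6598 shared address space that
# CVE-2022-0249 says was not blocked; the others are "this network",
# RFC 1918 private, loopback, link-local and their IPv6 equivalents.
BLOCKED_RANGES = %w[
  0.0.0.0/8 10.0.0.0/8 100.64.0.0/10 127.0.0.0/8 169.254.0.0/16
  172.16.0.0/12 192.168.0.0/16 ::/128 ::1/128 fc00::/7 fe80::/10
].map { |cidr| IPAddr.new(cidr) }.freeze

def blocked_address?(ip)
  addr = ip.is_a?(IPAddr) ? ip : IPAddr.new(ip)
  # ::ffff:10.0.0.1 is 10.0.0.1 on the wire; compare it as IPv4.
  addr = addr.native if addr.ipv4_mapped?
  BLOCKED_RANGES.any? { |range| range.include?(addr) }
end

# Returns [:allow, pinned_ip] or [:deny, reason].
# Every A/AAAA answer is checked, and the caller must open the socket to the
# pinned IP (setting the Host header itself). Validating the name and then
# letting the HTTP client resolve it a second time is the DNS-rebinding hole
# of CVE-2022-0425: the second lookup can return an internal address.
def check_outbound_url(url, resolver: Resolv::DNS.new)
  uri = URI.parse(url)
  return [:deny, "scheme #{uri.scheme.inspect} not allowed"] unless %w[http https].include?(uri.scheme)

  host = uri.hostname # strips the brackets of an IPv6 literal
  return [:deny, 'missing host'] if host.nil? || host.empty?

  addrs = begin
    [IPAddr.new(host)] # literal IP, no lookup needed
  rescue IPAddr::InvalidAddressError
    resolver.getaddresses(host).map { |a| IPAddr.new(a.to_s) }
  end
  return [:deny, "#{host} has no A/AAAA record"] if addrs.empty?

  bad = addrs.find { |a| blocked_address?(a) }
  return [:deny, "#{host} resolves to blocked address #{bad}"] if bad

  [:allow, addrs.first.to_s]
rescue URI::InvalidURIError => e
  [:deny, "unparseable URL: #{e.message}"]
end

# Constructed stand-in for Resolv::DNS so the example runs offline.
# The names and addresses below are made up (203.0.113.0/24 is TEST-NET-3).
class StaticResolver
  def initialize(table)
    @table = table
  end

  def getaddresses(name)
    @table.fetch(name, [])
  end
end

FAKE_DNS = StaticResolver.new(
  'hooks.example.com' => ['203.0.113.10'],
  'intranet.example'  => ['100.64.7.9'],            # shared address space
  'rebind.example'    => ['203.0.113.10', '10.0.0.5'] # one public, one internal answer
).freeze

# Walk a few constructed targets through the check.
def demo
  %w[
    https://hooks.example.com/notify
    https://intranet.example/
    http://rebind.example/
    http://127.0.0.1:8080/
    http://[::1]/
    ftp://hooks.example.com/
  ].to_h { |u| [u, check_outbound_url(u, resolver: FAKE_DNS)] }
end

demo.each { |url, verdict| puts "#{url} -> #{verdict.inspect}" } if $PROGRAM_NAME == __FILE__
```

The pinned address returned on `:allow` is the whole point: an allow decision that is not tied to a specific address is worth nothing against a resolver the attacker controls. Whether a hostname with mixed answers (one public, one internal) is rejected outright, as here, or retried is a policy choice; rejecting is the conservative default.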
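Entries 12, 21 and 23 (CVE-2021-22221, CVE-2020-13307, CVE-2020-13302) are the same session-lifecycle failure seen three times: sessions kept working after a password expired, after two-factor authentication was enabled, and after a password change. The Ruby below is an added example of the usual countermeasure, not GitLab's code: sessions record a per-user authentication generation, every security-sensitive account change bumps it and drops the other sessions, and password expiry is enforced per request rather than only at login. The `User`, `SessionStore` and the walk-through data are constructed for the example.

```ruby
require 'securerandom'

# Minimal user model: an id, a monotonically increasing "auth generation",
# and an expired-password flag. Constructed for this example.
class User
  attr_reader :id, :auth_generation
  attr_accessor :password_expired

  def initialize(id)
    @id = id
    @auth_generation = 0
    @password_expired = false
  end

  def bump_auth_generation!
    @auth_generation += 1
  end
end

# In-memory server-side session store. Each session remembers the generation
# it was minted in; a session from an older generation is dead even if the
# row is still present.
class SessionStore
  def initialize
    @sessions = {} # sid => { user_id:, generation: }
  end

  def create(user)
    sid = SecureRandom.hex(16)
    @sessions[sid] = { user_id: user.id, generation: user.auth_generation }
    sid
  end

  def live?(sid, user)
    s = @sessions[sid]
    !s.nil? && s[:user_id] == user.id && s[:generation] == user.auth_generation
  end

  # Invalidate everything the user has, then mint a fresh sid for the browser
  # that performed the change so that browser alone stays logged in.
  def rotate!(user)
    user.bump_auth_generation!
    @sessions.delete_if { |_sid, s| s[:user_id] == user.id }
    create(user)
  end

  def count_for(user)
    @sessions.count { |_sid, s| s[:user_id] == user.id }
  end
end

# With an expired password only these actions stay reachable; everything
# else is refused until the password is changed (the gap in CVE-2021-22221
# was that "various operations" did not make this check).
ALLOWED_WHILE_EXPIRED = %i[change_password logout].freeze

# Per-request gate: :ok, :no_session or :password_expired.
def authorize(store, sid, user, action)
  return :no_session unless store.live?(sid, user)
  return :password_expired if user.password_expired && !ALLOWED_WHILE_EXPIRED.include?(action)

  :ok
end

# Both account changes rotate sessions; each returns the caller's new sid.
def change_password!(store, user)
  user.password_expired = false
  store.rotate!(user)
end

def enable_two_factor!(store, user)
  store.rotate!(user)
end

# Constructed walk-through: an attacker logged in with a leaked password,
# the victim changes it, then the victim's own password later expires.
def demo
  store = SessionStore.new
  user  = User.new(42)
  attacker_sid = store.create(user)
  victim_sid   = store.create(user)
  before       = authorize(store, attacker_sid, user, :read_repo)
  victim_sid   = change_password!(store, user)
  after        = authorize(store, attacker_sid, user, :read_repo)
  user.password_expired = true
  expired      = authorize(store, victim_sid, user, :read_repo)
  allowed      = authorize(store, victim_sid, user, :change_password)
  { before: before, after: after, expired: expired, allowed: allowed,
    sessions_left: store.count_for(user) }
end

puts demo.inspect if $PROGRAM_NAME == __FILE__
```

The generation counter is what makes revocation cheap and complete: nothing has to enumerate a user's sessions across nodes, and a session row that survives (a cache, a replica, a forgotten store) still fails the `live?` comparison. The same counter should be bumped on email change, recovery-code regeneration and any other step an attacker could use to re-establish access.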