CVE-2022-1510 | Medium | Unknown | Denial of service | GitLab all versions starting from 13.9 before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1 was not...
CVE-2022-1460 | Medium | Unknown | Access restriction bypass | GitLab all versions starting from 9.2 before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1 was not...
CVE-2022-1433 | Low | Unknown | Unknown | Missing invalidation of Markdown caching causes potential payloads from a previously exploitable XSS vulnerability (CVE-2022-1175) to persist and execute in...
CVE-2022-1431 | Medium | Unknown | Denial of service | GitLab all versions starting from 12.10 before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1 was...
CVE-2022-1428 | Medium | Unknown | Denial of service | GitLab all versions before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1 was incorrectly verifying...
CVE-2022-1426 | Low | Unknown | Authentication bypass | GitLab from 12.6 before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1 was not correctly...
CVE-2022-1423 | High | Unknown | Arbitrary code execution | Improper access control in the CI/CD cache mechanism in GitLab CE/EE affecting all versions from 1.0.2 before 14.8.6 allows a malicious actor with Developer...
CVE-2022-1417 | Medium | Unknown | Authentication bypass | Improper access control in GitLab CE/EE affecting all versions starting from 8.12 before 14.8.6, all versions starting from 8.13 before 14.9.4, and all...
CVE-2022-1416 | Medium | Unknown | Unknown | Missing sanitization of data in Pipeline error messages in GitLab CE/EE affecting all versions starting from 1.0.2 before 14.8.6 allows for rendering of...
CVE-2022-1413 | Medium | Unknown | Information disclosure | Missing input masking in GitLab CE/EE affecting all versions starting from 1.0.2 before 14.8.6 causes potentially sensitive integration properties to be...
CVE-2022-1406 | Medium | Unknown | Insufficient validation | Improper input validation in GitLab CE/EE affecting all versions from 8.12 prior to 14.8.6, all versions from 14.9.0 prior to 14.9.4, and 14.10.0 allows a...
CVE-2022-1352 | Medium | Unknown | Information disclosure | Due to an insecure direct object reference vulnerability in GitLab EE/CE affecting all versions from 11.0 prior to 14.8.6, 14.9 prior to 14.9.4, and 14.10...
CVE-2022-1124 | Medium | Unknown | Information disclosure | An improper authorization issue has been discovered in GitLab CE/EE affecting all versions prior to 14.8.6, all versions from 14.9.0 prior to 14.9.4, and...