| Issue | Group | Severity | Remote? | Type | Description |
|---|---|---|---|---|---|
| CVE-2022-2539 | AVG-2785 | Medium | Yes | Unknown | Unauthorized users can filter issues by contact and organization |
| CVE-2022-2534 | AVG-2785 | Low | Yes | Unknown | GitLab was returning contributor emails due to improper data handling in the Datadog integration |
| CVE-2022-2512 | AVG-2785 | Medium | Yes | Unknown | Membership changes are not reflected in TODO for confidential notes, allowing a former project member to read updates via TODOs |
| CVE-2022-2500 | AVG-2785 | Medium | Yes | Unknown | stored XSS in job error messages allows attackers to perform arbitrary actions on behalf of victims at client side |
| CVE-2022-2497 | AVG-2785 | Medium | Yes | Unknown | A malicious maintainer could exfiltrate an integration's access token by modifying the integration URL such that authenticated requests are sent to an... |
| CVE-2022-2456 | AVG-2785 | Medium | Yes | Unknown | It may be possible for malicious group or project maintainers to change their corresponding group or project visibility by crafting a malicious POST request |
| CVE-2022-2417 | AVG-2785 | Medium | Yes | Unknown | gitlab allows an authenticated and authorised user to import a project that includes branch names which are 40 hexadecimal characters, which could be abused... |
| CVE-2022-2326 | AVG-2785 | Medium | Yes | Unknown | It may be possible to gain access to a private project through an email invite by using other user's email address as an unverified secondary email |
| CVE-2022-2307 | AVG-2785 | Low | Yes | Unknown | gitlab allows a malicious Group Owner to retain a usable Group Access Token even after the Group is deleted, though the APIs usable by that token are limited |
| CVE-2022-2303 | AVG-2785 | Medium | Yes | Unknown | It may be possible for group members to bypass 2FA enforcement enabled at the group level by using Resource Owner Password Credentials grant to obtain an... |
| CVE-2022-2095 | AVG-2785 | Medium | Yes | Unknown | gitlab allows a malicious authenticated user to view a public project's Deploy Key's public fingerprint and name when that key has write permission |
| CVE-2022-1510 | AVG-2696 | Medium | Unknown | Denial of service | GitLab all versions starting from 13.9 before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1 was not... |
| CVE-2022-1460 | AVG-2696 | Medium | Unknown | Access restriction bypass | GitLab all versions starting from 9.2 before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1 was not... |
| CVE-2022-1433 | AVG-2696 | Low | Unknown | Unknown | Missing invalidation of Markdown caching causes potential payloads from a previously exploitable XSS vulnerability (CVE-2022-1175) to persist and execute in... |
| CVE-2022-1431 | AVG-2696 | Medium | Unknown | Denial of service | GitLab all versions starting from 12.10 before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1 was... |
| CVE-2022-1428 | AVG-2696 | Medium | Unknown | Denial of service | GitLab all versions before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1 was incorrectly verifying... |
| CVE-2022-1426 | AVG-2696 | Low | Unknown | Authentication bypass | GitLab from 12.6 before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1 was not correctly... |
| CVE-2022-1423 | AVG-2696 | High | Unknown | Arbitrary code execution | Improper access control in the CI/CD cache mechanism in GitLab CE/EE affecting all versions from 1.0.2 before 14.8.6 allows a malicious actor with Developer... |
| CVE-2022-1417 | AVG-2696 | Medium | Unknown | Authentication bypass | Improper access control in GitLab CE/EE affecting all versions starting from 8.12 before 14.8.6, all versions starting from 8.13 before 14.9.4, and all... |
| CVE-2022-1416 | AVG-2696 | Medium | Unknown | Unknown | Missing sanitization of data in Pipeline error messages in GitLab CE/EE affecting all versions starting from 1.0.2 before 14.8.6 allows for rendering of... |
| CVE-2022-1413 | AVG-2696 | Medium | Unknown | Information disclosure | Missing input masking in GitLab CE/EE affecting all versions starting from 1.0.2 before 14.8.6 causes potentially sensitive integration properties to be... |
| CVE-2022-1406 | AVG-2696 | Medium | Unknown | Insufficient validation | Improper input validation in GitLab CE/EE affecting all versions from 8.12 prior to 14.8.6, all versions from 14.9.0 prior to 14.9.4, and 14.10.0 allows a... |
| CVE-2022-1352 | AVG-2696 | Medium | Unknown | Information disclosure | Due to an insecure direct object reference vulnerability in Gitlab EE/CE affecting all versions from 11.0 prior to 14.8.6, 14.9 prior to 14.9.4, and 14.10... |
| CVE-2022-1124 | AVG-2696 | Medium | Unknown | Information disclosure | An improper authorization issue has been discovered in GitLab CE/EE affecting all versions prior to 14.8.6, all versions from 14.9.0 prior to 14.9.4, and... |
| CVE-2021-39945 | AVG-2603 | Low | Yes | Access restriction bypass | Improper access control in the GitLab API affecting all versions before version 14.5.2 allows an author of a Merge Request to approve the Merge Request even... |
| CVE-2021-39944 | AVG-2603 | High | Yes | Privilege escalation | An issue has been discovered in GitLab before version 14.5.2. A permissions validation flaw allowed group members with a developer role to elevate their... |
| CVE-2021-39941 | AVG-2603 | Low | Yes | Information disclosure | An information disclosure vulnerability in GitLab before version 14.5.2 allowed non-project members to see the default branch name for projects that... |
| CVE-2021-39940 | AVG-2603 | Medium | Yes | Denial of service | An issue has been discovered in GitLab before version 14.5.2. GitLab Maven Package registry is vulnerable to a regular expression denial of service when a... |
| CVE-2021-39938 | AVG-2603 | Low | Yes | Denial of service | A vulnerable regular expression pattern in GitLab before version 14.5.2 allows an attacker to cause uncontrolled resource consumption leading to Denial of... |
| CVE-2021-39937 | AVG-2603 | Medium | Yes | Privilege escalation | A collision in access memoization logic in all versions of GitLab before version 14.5.2 leads to potential elevated privileges in groups and projects under... |
| CVE-2021-39936 | AVG-2603 | Low | Yes | Access restriction bypass | Improper access control in GitLab before version 14.5.2 allows an attacker in possession of a deploy token to access a project's disabled wiki. |
| CVE-2021-39935 | AVG-2603 | Medium | Yes | Access restriction bypass | An issue has been discovered in GitLab before version 14.5.2. Unauthorized external users could perform Server Side Requests via the CI Lint API. |
| CVE-2021-39934 | AVG-2603 | Medium | Yes | Information disclosure | Improper access control allows any project member to retrieve the service desk email address in GitLab before version 14.5.2. |
| CVE-2021-39933 | AVG-2603 | Medium | Yes | Denial of service | An issue has been discovered in GitLab before version 14.5.2. A regular expression used for handling user input (notes, comments, etc) was susceptible to... |
| CVE-2021-39932 | AVG-2603 | Medium | Yes | Denial of service | An issue has been discovered in GitLab before version 14.5.2. Using large payloads, the diff feature could be used to trigger high load time for users... |
| CVE-2021-39931 | AVG-2603 | Low | Yes | Access restriction bypass | An issue has been discovered in GitLab before version 14.5.2. Under specific condition an unauthorised project member was allowed to delete a protected... |
| CVE-2021-39930 | AVG-2604 | Medium | Yes | Information disclosure | Missing authorization in GitLab EE before version 14.5.2 allowed an attacker to access a user's custom project and group templates. |
| CVE-2021-39919 | AVG-2603 | Medium | No | Information disclosure | In all versions of GitLab before version 14.5.2, the reset password token and new user email token are accidentally logged which may lead to information disclosure. |
| CVE-2021-39918 | AVG-2604 | Low | Yes | Access restriction bypass | Incorrect Authorization in GitLab EE affecting all versions before version 14.5.2 allows a user to add comments to a vulnerability which cannot be accessed. |
| CVE-2021-39917 | AVG-2603 | Medium | Yes | Denial of service | An issue has been discovered in GitLab before version 14.5.2. A regular expression related to quick actions features was susceptible to catastrophic... |
| CVE-2021-39916 | AVG-2604 | Medium | Yes | Information disclosure | Lack of an access control check in the External Status Check feature allowed any authenticated user to retrieve the configuration of any External Status... |
| CVE-2021-39915 | AVG-2603 | Medium | Yes | Information disclosure | Improper access control in the GraphQL API in GitLab before version 14.5.2 allows an attacker to see the names of project access tokens on arbitrary projects. |
| CVE-2021-39914 | AVG-2503 | Low | Yes | Denial of service | A regular expression denial of service issue in GitLab versions 8.13 to 14.2.5, 14.3.0 to 14.3.3 and 14.4.0 could cause excessive usage of resources when a... |
| CVE-2021-39913 | AVG-2503 | Medium | No | Information disclosure | Accidental logging of system root password in the migration log in all versions of GitLab CE/EE allows an attacker with local file system access to obtain... |
| CVE-2021-39912 | AVG-2503 | Medium | Yes | Denial of service | A potential denial of service vulnerability was discovered in GitLab CE/EE starting with version 13.7. Using a malformed TIFF images was possible to trigger... |
| CVE-2021-39911 | AVG-2503 | Low | Yes | Information disclosure | An improper access control flaw in GitLab CE/EE since version 13.9 exposes private email address of Issue and Merge Requests assignee to Webhook data consumers. |
| CVE-2021-39910 | AVG-2603 | Low | Yes | Content spoofing | An issue has been discovered in GitLab before version 14.5.2. GitLab was vulnerable to HTML Injection through the Swagger UI feature. |
| CVE-2021-39909 | AVG-2503 | Medium | Yes | Access restriction bypass | Lack of email address ownership verification in the CODEOWNERS feature in all versions of GitLab EE since version 11.3 allows an attacker to bypass... |
| CVE-2021-39907 | AVG-2503 | Medium | Yes | Denial of service | A potential denial of service vulnerability was discovered in GitLab CE/EE starting with version 13.7. The stripping of EXIF data from certain images... |
| CVE-2021-39906 | AVG-2503 | High | Yes | Cross-site scripting | Improper validation of ipynb files in GitLab CE/EE version 13.5 and above allows an attacker to execute arbitrary JavaScript code on the victim's behalf. |
| CVE-2021-39905 | AVG-2503 | Medium | Yes | Information disclosure | An information disclosure vulnerability in the GitLab CE/EE API since version 8.9.6 allows a user to see basic information on private groups that a public... |
| CVE-2021-39904 | AVG-2503 | Medium | Yes | Access restriction bypass | An Improper Access Control vulnerability in the GraphQL API in GitLab CE/EE since version 13.1 allows a Merge Request creator to resolve discussions and... |
| CVE-2021-39903 | AVG-2503 | Medium | Yes | Access restriction bypass | In all versions of GitLab CE/EE since version 13.0, a low privileged user, through an API call, can change the visibility level of a group or a project to a... |
| CVE-2021-39902 | AVG-2503 | Medium | Yes | Access restriction bypass | Incorrect Authorization in GitLab CE/EE 13.4 or above allows a user with guest membership in a project to modify the severity of an incident. |
| CVE-2021-39901 | AVG-2503 | Low | Yes | Information disclosure | In all versions of GitLab CE/EE since version 11.10, an admin of a group can see the SCIM token of that group by visiting a specific endpoint. |
| CVE-2021-39900 | AVG-2431 | Low | Yes | Information disclosure | Information disclosure from SendEntry in GitLab starting with 10.8 allowed exposure of full URL of artifacts stored in object-storage with a temporary... |
| CVE-2021-39899 | AVG-2431 | Low | No | Insufficient validation | In all versions of GitLab CE/EE, an attacker with physical access to a user's machine may brute force the user's password via the change password function.... |
| CVE-2021-39898 | AVG-2503 | Low | Yes | Information disclosure | In all versions of GitLab CE/EE since version 10.6, a project export leaks the external webhook token value which may allow access to the project which it... |
| CVE-2021-39897 | AVG-2503 | Low | Yes | Access restriction bypass | Improper access control in GitLab CE/EE version 10.5 and above allowed subgroup members with inherited access to a project from a parent group to still have... |
| CVE-2021-39896 | AVG-2431 | Low | Yes | Content spoofing | In all versions of GitLab CE/EE since version 8.0, when an admin uses the impersonate feature twice and stops impersonating, the admin may be logged in as... |
| CVE-2021-39895 | AVG-2503 | Medium | Yes | Information disclosure | In all versions of GitLab CE/EE since version 8.0, an attacker can set the pipeline schedules to be active in a project export so when an unsuspecting owner... |
| CVE-2021-39894 | AVG-2431 | Medium | Yes | Cross-site request forgery | In all versions of GitLab CE/EE since version 8.0, a DNS rebinding vulnerability exists in Fogbugz importer which may be used by attackers to exploit Server... |
| CVE-2021-39893 | AVG-2431 | Medium | Yes | Denial of service | A potential denial of service vulnerability was discovered in GitLab starting with version 9.1 that allowed parsing files without authorisation. |
| CVE-2021-39892 | AVG-2431 | Medium | Yes | Information disclosure | In all versions of GitLab CE/EE since version 12.0, a lower privileged user can import users from projects that they don't have a maintainer role on and... |
| CVE-2021-39891 | AVG-2431 | Medium | Yes | Information disclosure | In all versions of GitLab CE/EE since version 8.0, access tokens created as part of admin's impersonation of a user are not cleared at the end of... |
| CVE-2021-39890 | AVG-2431 | Low | Yes | Access restriction bypass | It was possible to bypass 2FA for LDAP users and access some specific pages with Basic Authentication in GitLab 14.1.1 and above. |
| CVE-2021-39889 | AVG-2432 | Medium | Yes | Information disclosure | In all versions of GitLab EE since version 14.1, due to an insecure direct object reference vulnerability, an endpoint may reveal the protected branch name... |
| CVE-2021-39888 | AVG-2432 | Medium | Yes | Information disclosure | In all versions of GitLab EE since version 13.10, a specific API endpoint may reveal details about a private group and other sensitive info inside issue and... |
| CVE-2021-39887 | AVG-2431 | High | Yes | Cross-site scripting | A stored Cross-Site Scripting vulnerability in the GitLab Flavored Markdown in GitLab CE/EE version 8.4 and above allowed an attacker to execute arbitrary... |
| CVE-2021-39886 | AVG-2431 | Low | Yes | Information disclosure | Permissions rules were not applied while issues were moved between projects of the same group in GitLab versions starting with 10.6 and up to 14.1.7,... |
| CVE-2021-39885 | AVG-2432 | High | Yes | Cross-site scripting | A Stored cross-site scripting security issue in merge request creation page in Gitlab EE version 13.5 and above allows an attacker to execute arbitrary... |
| CVE-2021-39884 | AVG-2432 | Medium | Yes | Information disclosure | In all versions of GitLab EE since version 8.13, an endpoint discloses names of private groups that have access to a project to low privileged users that... |
| CVE-2021-39883 | AVG-2432 | Medium | Yes | Information disclosure | Improper authorization checks in GitLab EE > 13.11 allows subgroup members to see epics from all parent subgroups. |
| CVE-2021-39882 | AVG-2431 | Medium | Yes | Information disclosure | In all versions of GitLab CE/EE, provided a user ID, anonymous users can use a few endpoints to retrieve information about any GitLab user. |
| CVE-2021-39881 | AVG-2431 | Low | Yes | Content spoofing | In all versions of GitLab CE/EE since version 7.7, the application may let a malicious user create an OAuth client application with arbitrary scope names... |
| CVE-2021-39879 | AVG-2431 | Low | No | Authentication bypass | Missing authentication in all versions of GitLab CE/EE since version 7.11.0 allows an attacker with access to a victim's session to disable two-factor... |
| CVE-2021-39878 | AVG-2431 | Medium | Yes | Cross-site scripting | A stored Reflected Cross-Site Scripting vulnerability in the Jira integration in GitLab version 13.0 up to 14.3.1 allowed an attacker to execute arbitrary... |
| CVE-2021-39877 | AVG-2431 | High | Yes | Denial of service | A vulnerability was discovered in GitLab starting with version 12.2 that allows an attacker to cause uncontrolled resource consumption with a specially crafted file. |
| CVE-2021-39875 | AVG-2431 | Medium | Yes | Information disclosure | In all versions of GitLab CE/EE since version 13.6, it is possible to see pending invitations of any public group or public project by visiting an API endpoint. |
| CVE-2021-39874 | AVG-2431 | Medium | Yes | Authentication bypass | In all versions of GitLab CE/EE since version 11.0, the requirement to enforce 2FA is not honored when using git commands. |
| CVE-2021-39873 | AVG-2431 | Medium | Yes | Content spoofing | In all versions of GitLab CE/EE, there exists a content spoofing vulnerability which may be leveraged by attackers to trick users into visiting a malicious... |
| CVE-2021-39872 | AVG-2431 | Medium | Yes | Access restriction bypass | In all versions of GitLab CE/EE since version 14.1, an improper access control vulnerability allows users with expired password to still access GitLab... |
| CVE-2021-39871 | AVG-2431 | Medium | Yes | Access restriction bypass | In all versions of GitLab CE/EE since version 13.0, an instance that has the setting to disable Bitbucket Server import enabled is bypassed by an attacker... |
| CVE-2021-39870 | AVG-2431 | Medium | Yes | Access restriction bypass | In all versions of GitLab CE/EE since version 11.11, an instance that has the setting to disable Repo by URL import enabled is bypassed by an attacker... |
| CVE-2021-39869 | AVG-2431 | Medium | Yes | Information disclosure | In all versions of GitLab CE/EE since version 8.9, project exports may expose trigger tokens configured on that project. |
| CVE-2021-39868 | AVG-2431 | Medium | Yes | Denial of service | In all versions of GitLab CE/EE since version 8.12, an authenticated low-privileged malicious user may create a project with unlimited repository size by... |
| CVE-2021-39867 | AVG-2431 | Medium | Yes | Cross-site request forgery | In all versions of GitLab CE/EE since version 8.15, a DNS rebinding vulnerability in Gitea Importer may be exploited by an attacker to trigger Server Side... |
| CVE-2021-39866 | AVG-2431 | Medium | Yes | Access restriction bypass | A business logic error in the project deletion process in GitLab 13.6 and later allows persistent access via project access tokens. |
| CVE-2021-31799 | AVG-2125 | Medium | Yes | Arbitrary command execution | RDoc before version 6.3.1, as bundled with Ruby before version 2.7.4 and 2.6.8 as well as GitLab before version 14.0.2, used to call Kernel#open to open a... |
| CVE-2021-28965 | AVG-1822 | Critical | Yes | Incorrect calculation | When parsing and serializing a crafted XML document, the REXML gem (including the one bundled with Ruby) can create a wrong XML document whose structure is... |
| CVE-2021-22942 | AVG-2492 | Medium | Yes | Open redirect | A possible open redirect vulnerability in the Host Authorization middleware in Action Pack >= 6.0.0 before versions 6.1.4.1 and 6.0.4.1 that could allow... |
| CVE-2021-22904 | AVG-2090 | Low | Yes | Denial of service | There is a possible denial of service (DoS) vulnerability in the Token Authentication logic in Action Controller before versions 6.1.3.2, 6.0.3.7, 5.2.4.6... |
| CVE-2021-22903 | AVG-1919 | Medium | Yes | Open redirect | There is a possible Open Redirect Vulnerability in Action Pack 6.1 before version 6.1.3.2. Specially crafted Host headers in combination with certain... |
| CVE-2021-22902 | AVG-2090 | Low | Yes | Denial of service | There is a possible Denial of Service vulnerability in Action Dispatch before version 6 before 6.0.3.7 and 6.1.0.2. Carefully crafted Accept headers can... |
| CVE-2021-22885 | AVG-2090 | Medium | Yes | Information disclosure | There is a possible information disclosure/unintended method execution vulnerability in Action Pack before versions 6.1.3.2, 6.0.3.7, 5.2.4.6 and 5.2.6 when... |
| CVE-2021-22259 | AVG-2432 | Medium | Yes | Denial of service | A potential denial of service vulnerability was discovered in GitLab EE starting with version 12.6 due to lack of pagination in dependencies API. |
| CVE-2021-22258 | AVG-2335 | Medium | Yes | Information disclosure | The project import/export feature in GitLab 8.9 and greater could be used to obtain otherwise private email addresses. |
| CVE-2021-22257 | AVG-2335 | Medium | Yes | Information disclosure | An issue has been discovered in GitLab affecting all versions starting from 14.0 before 14.2.2. The route for /user.keys is not restricted on instances with... |
| CVE-2021-22241 | AVG-2251 | High | Yes | Cross-site scripting | An issue has been discovered in GitLab affecting all versions starting from 13.4 and before 14.1.2. It was possible to exploit a stored cross-site-scripting... |
| CVE-2021-22239 | AVG-2251 | Medium | Yes | Access restriction bypass | An unauthorized user was able to insert metadata when creating a new issue on GitLab 14.0 and later before version 14.1.2. |
| CVE-2021-22238 | AVG-2335 | Medium | Yes | Cross-site scripting | An issue has been discovered in GitLab affecting all versions starting with 13.3. GitLab was vulnerable to a stored cross-site scripting (XSS) attack by... |
| CVE-2021-22237 | AVG-2251 | Medium | Yes | Access restriction bypass | Under specialized conditions, GitLab may allow a user with an impersonation token to perform Git actions even if impersonation is disabled. This... |
| CVE-2021-22236 | AVG-2251 | Medium | Yes | Incorrect calculation | Due to improper handling of OAuth client IDs, new subscriptions generated OAuth tokens on an incorrect OAuth client application. This vulnerability is... |
| CVE-2021-22233 | AVG-2137 | Medium | Yes | Information disclosure | An information disclosure vulnerability in GitLab EE versions 13.10 and later before 14.0.2 allowed a user to read project details. |
| CVE-2021-22232 | AVG-2125 | Low | Yes | Content spoofing | HTML injection was possible via the full name field before version 14.0.2 in GitLab CE. |
| CVE-2021-22231 | AVG-2125 | Low | Yes | Denial of service | A denial of service on the user's profile page is found starting with GitLab CE/EE 8.0 and before 14.0.2 that allows an attacker to reject access to their... |
| CVE-2021-22230 | AVG-2125 | Medium | Yes | Arbitrary code execution | Improper code rendering while rendering merge requests could be exploited to submit malicious code. This vulnerability affects GitLab CE/EE 9.3 and later up... |
| CVE-2021-22229 | AVG-2125 | Medium | Yes | Information disclosure | An issue has been discovered in GitLab CE/EE affecting all versions starting with 12.8 and before 14.0.2. Under a special condition it was possible to... |
| CVE-2021-22228 | AVG-2125 | Medium | Yes | Information disclosure | An issue has been discovered in GitLab affecting all versions before 14.0.2. Improper access control allows unauthorised users to access project details... |
| CVE-2021-22227 | AVG-2125 | Medium | Yes | Cross-site scripting | A reflected cross-site script vulnerability in GitLab before version 14.0.2 allowed an attacker to send a malicious link to a victim and trigger actions on... |
| CVE-2021-22226 | AVG-2125 | Medium | Yes | Access restriction bypass | Under certain conditions, some users were able to push to protected branches that were restricted to deploy keys in GitLab CE/EE since version 13.9 and... |
| CVE-2021-22225 | AVG-2125 | Medium | Yes | Cross-site scripting | Insufficient input sanitization in markdown in GitLab version 13.11 and up before version 14.0.2 allows an attacker to exploit a stored cross-site scripting... |
| CVE-2021-22224 | AVG-2125 | High | Yes | Cross-site request forgery | A cross-site request forgery vulnerability in the GraphQL API in GitLab since version 13.12 and before version 14.0.2 allowed an attacker to call mutations... |
| CVE-2021-22223 | AVG-2125 | Medium | Yes | Cross-site scripting | Client-Side code injection through a Feature Flag name in GitLab CE/EE starting with 11.9 and before version 14.0.2 allows a specially crafted feature flag... |
| CVE-2021-22221 | AVG-2023 | Medium | Yes | Authentication bypass | An issue has been discovered in GitLab affecting all versions starting from 12.9.0 before 13.12.2. Insufficient expired password validation in various... |
| CVE-2021-22220 | AVG-2023 | Medium | Yes | Cross-site scripting | An issue has been discovered in GitLab affecting all versions starting with 13.10 before 13.12.2. GitLab was vulnerable to a stored cross-site scripting... |
| CVE-2021-22219 | AVG-2023 | Medium | Yes | Information disclosure | GitLab CE/EE since version 9.5 before 13.12.2 allows a high privilege user to obtain sensitive information from log files because the sensitive information... |
| CVE-2021-22218 | AVG-2023 | Low | Yes | Content spoofing | All versions of GitLab CE/EE starting with 12.8 before 13.12.2 were affected by an issue in the handling of x509 certificates that could be used to spoof... |
| CVE-2021-22217 | AVG-2023 | Medium | Yes | Denial of service | A denial of service vulnerability in all versions of GitLab CE/EE before 13.12.2 allows an attacker to cause uncontrolled resource consumption with a... |
| CVE-2021-22216 | AVG-2023 | Medium | Yes | Denial of service | A denial of service vulnerability in all versions of GitLab CE/EE before 13.12.2 allows an attacker to cause uncontrolled resource consumption with a very... |
| CVE-2021-22215 | AVG-2045 | High | Yes | Information disclosure | An information disclosure vulnerability in GitLab EE versions 13.11 and later before 13.12.2 allowed a project owner to leak information about the members'... |
| CVE-2021-22214 | AVG-2023 | Medium | Yes | Access restriction bypass | When requests to the internal network for webhooks are enabled, a server-side request forgery vulnerability in GitLab CE/EE affecting all versions starting... |
| CVE-2021-22213 | AVG-2023 | High | Yes | Information disclosure | A cross-site leak vulnerability in the OAuth flow of all versions of GitLab CE/EE since 7.10 before 13.12.2 allowed an attacker to leak an OAuth access... |
| CVE-2021-22211 | AVG-1888 | Low | Yes | Access restriction bypass | An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.7. GitLab Dependency Proxy, under certain circumstances, can... |
| CVE-2021-22210 | AVG-1888 | Medium | Yes | Denial of service | An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.2. When querying the repository branches through API, GitLab was... |
| CVE-2021-22209 | AVG-1888 | High | Yes | Insufficient validation | An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.8. GitLab was not properly validating authorisation tokens which... |
| CVE-2021-22208 | AVG-1888 | Medium | Yes | Access restriction bypass | An issue has been discovered in GitLab affecting versions prior to 13.5. Improper permission check could allow the change of timestamp for issue creation or... |
| CVE-2021-22206 | AVG-1888 | Medium | Yes | Information disclosure | An issue has been discovered in GitLab affecting all versions prior to 11.6. Pull mirror credentials were exposed and could allow other maintainers to view... |
| CVE-2021-22205 | AVG-1822 | Critical | Yes | Arbitrary code execution | An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validating image files that is passed to a... |
| CVE-2021-22203 | AVG-1770 | High | Yes | Arbitrary filesystem access | An issue has been discovered in GitLab CE/EE affecting all versions starting with 13.7.9. A specially crafted Wiki page allowed attackers to read arbitrary... |
| CVE-2021-22202 | AVG-1770 | Low | Yes | Cross-site request forgery | An issue has been discovered in GitLab CE/EE affecting all previous versions. If the victim is an admin, it was possible to issue a cross-site request... |
| CVE-2021-22201 | AVG-1770 | Critical | Yes | Directory traversal | An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.9. A specially crafted import file could read files on the server. The... |
| CVE-2021-22200 | AVG-1770 | Medium | Yes | Information disclosure | An issue has been discovered in GitLab CE/EE affecting all versions starting with 12.6. Under a special condition it was possible to access data of an... |
| CVE-2021-22199 | AVG-1770 | Low | Yes | Cross-site scripting | An issue has been discovered in GitLab affecting all versions starting with 12.9. GitLab was vulnerable to a stored cross-site scripting (XSS) attack if... |
| CVE-2021-22198 | AVG-1770 | Medium | Yes | Access restriction bypass | An issue has been discovered in GitLab CE/EE affecting all versions from 13.8 and above allowing an authenticated user to delete incident metric images of... |
| CVE-2021-22197 | AVG-1770 | Low | Yes | Denial of service | An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.6 where an infinite loop exist when an authenticated user with specific... |
| CVE-2021-22196 | AVG-1770 | Medium | Yes | Cross-site scripting | An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.4. It was possible to exploit a stored cross-site-scripting in merge... |
| CVE-2021-22192 | AVG-1710 | Critical | Yes | Arbitrary code execution | An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.2 allowing unauthorized authenticated users to execute arbitrary code... |
| CVE-2021-22186 | AVG-1648 | Medium | Yes | Access restriction bypass | An authorization issue in GitLab CE/EE version 9.4 and up allowed a group maintainer to modify group CI/CD variables which should be restricted to group... |
| CVE-2021-22185 | AVG-1648 | Medium | Yes | Cross-site scripting | Insufficient input sanitization in wikis in GitLab version 13.8 and up allows an attacker to exploit a stored cross-site scripting vulnerability via a... |
| CVE-2021-22181 | AVG-2023 | High | Yes | Denial of service | A denial of service vulnerability in GitLab CE/EE affecting all versions since 11.8 before 13.12.2 allows an attacker to create a recursive pipeline... |
| CVE-2021-22172 | AVG-1521 | Medium | Yes | Information disclosure | Improper authorization in GitLab 12.8+ allows a guest user in a private project to view tag data that should be inaccessible on the releases page. The issue... |
| CVE-2021-22171 | AVG-1416 | High | Yes | Authentication bypass | Insufficient validation of authentication parameters in GitLab Pages for GitLab 11.5+ would allow stealing a user's API access token. The issue is mitigated... |
| CVE-2021-22169 | AVG-1522 | Medium | Yes | Information disclosure | An issue was identified in GitLab EE 13.4 or later which could disclose internal IP address via error messages. It is fixed in versions 13.8.2, 13.7.6 and 13.6.6. |
| CVE-2021-22168 | AVG-1416 | Medium | Yes | Denial of service | A regular expression denial of service issue has been discovered in the NuGet API affecting all versions of GitLab starting from version 12.8. The issue is... |
| CVE-2021-22167 | AVG-1416 | Medium | Yes | Information disclosure | An issue has been discovered in GitLab affecting all versions starting from 12.1. Incorrect headers within a specific project page allow attackers to have... |
| CVE-2021-22166 | AVG-1416 | Medium | Yes | Denial of service | An attacker could cause a Prometheus denial of service in GitLab 13.7+ by sending an HTTP request with a malformed method. The issue is mitigated in GitLab... |
| CVE-2020-26417 | AVG-1333 | Medium | Yes | Information disclosure | Information disclosure via GraphQL in GitLab CE/EE 13.1 and later exposes private group and project membership. This affects versions >=13.6 to <13.6.2,... |
| CVE-2020-26416 | AVG-1347 | Medium | Yes | Information disclosure | Information disclosure in Advanced Search component of GitLab EE starting from 8.4 results in exposure of search terms via Rails logs. This affects versions... |
| CVE-2020-26415 | AVG-1333 | Medium | Yes | Information disclosure | An issue has been discovered in GitLab affecting all versions starting from 12.2 before 13.6.2, all versions starting from 12.2 before 13.5.5, all versions... |
| CVE-2020-26414 | AVG-1416 | Medium | Yes | Denial of service | An issue has been discovered in GitLab affecting all versions starting from 12.4. The regex used for package names is written in a way that makes execution... |
| CVE-2020-26413 | AVG-1333 | Medium | Yes | Information disclosure | An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.4 before 13.6.2. Information disclosure via GraphQL starting in GitLab... |
| CVE-2020-26412 | AVG-1347 | Low | Yes | Information disclosure | Removed group members were able to use the To-Do functionality to retrieve updated information on confidential epics starting in GitLab EE 13.2 before 13.6.2. |
| CVE-2020-26411 | AVG-1333 | Medium | Yes | Denial of service | A potential denial of service vulnerability was discovered in all versions of Gitlab starting from 13.4.x (>=13.4 to <13.4.7, >=13.5 to <13.5.5, and >=13.6... |
| CVE-2020-26409 | AVG-1333 | Medium | Yes | Denial of service | A denial of service vulnerability exists in Gitlab CE/EE >=10.3, <13.4.7,>=13.5, <13.5.5,>=13.6, <13.6.2 that allows an attacker to trigger uncontrolled... |
CVE-2020-26408 |
AVG-1333 |
Medium |
Yes |
Information disclosure |
A limited information disclosure vulnerability exists in Gitlab CE/EE from >= 12.2 to <13.4.7, >=13.5 to <13.5.5, and >=13.6 to <13.6.2 that allows an... |
CVE-2020-26407 |
AVG-1333 |
Medium |
Yes |
Cross-site scripting |
A cross-site scripting vulnerability exists in Gitlab CE/EE from 12.4 before 13.4.7, 13.5 before 13.5.5, and 13.6 before 13.6.2 that allows an attacker to... |
CVE-2020-13357 |
AVG-1333 |
Medium |
Yes |
Access restriction bypass |
An issue was discovered in Gitlab CE/EE versions >= 13.1 to <13.4.7, >= 13.5 to <13.5.5, and >= 13.6 to <13.6.2 allowed an unauthorized user to access the... |
CVE-2018-18843 |
AVG-802 |
High |
Yes |
Cross-site request forgery |
The GitLab Kubernetes integration was vulnerable to a SSRF issue which could allow an attacker to make requests to access any internal URLs |
CVE-2018-18649 |
AVG-794 |
Critical |
Yes |
Arbitrary code execution |
A security issue has been found in gitlab versions prior to 11.4.3, where the wiki API contained an input validation issue which resulted in remote code execution. |
CVE-2018-18648 |
AVG-794 |
Low |
Yes |
Information disclosure |
A security issue has been found in gitlab versions prior to 11.4.3, where a JSON endpoint was disclosing Gem version information which could result in an... |
CVE-2018-18647 |
AVG-802 |
Medium |
Yes |
Access restriction bypass |
A security issue has been found in gitlab versions prior to 11.4.3, where the protected_branches API was vulnerable to an issue which allowed an... |
CVE-2018-18646 |
AVG-794 |
Medium |
Yes |
Cross-site request forgery |
A security issue has been found in gitlab versions prior to 11.4.3, where the Hipchat integration was vulnerable to a SSRF issue which allowed an attacker... |
CVE-2018-18645 |
AVG-794 |
Low |
Yes |
Information disclosure |
A security issue has been found in gitlab versions prior to 11.4.3, where when replying to an issue through email, with the GitLab email footer included, a... |
CVE-2018-18644 |
AVG-802 |
Medium |
Yes |
Information disclosure |
A security issue has been found in gitlab versions prior to 11.4.3, where the Prometheus integration was vulnerable to an indirect object reference issue... |
CVE-2018-18643 |
AVG-794 |
Medium |
Yes |
Cross-site scripting |
A security issue has been found in gitlab versions prior to 11.4.3, where the fragment identifier (hash) of several pages contained a lack of input... |
CVE-2018-18642 |
AVG-802 |
Medium |
Yes |
Cross-site scripting |
A security issue has been found in gitlab versions prior to 11.4.3, where the license management and security reports pages contained a lack of input... |
CVE-2018-18641 |
AVG-794 |
Low |
Yes |
Information disclosure |
A security issue has been found in gitlab versions prior to 11.4.3, where personal access tokens were being stored unencrypted as plain text in the database... |
CVE-2018-18640 |
AVG-794 |
Medium |
No |
Information disclosure |
A security issue has been found in gitlab versions prior to 11.4.3, where private project pages had inadequate cache control, which resulted in unauthorized... |
CVE-2018-12607 |
AVG-726 |
Medium |
Yes |
Cross-site scripting |
The charts feature contained a persistent XSS issue due to a lack of output encoding. |
CVE-2018-12606 |
AVG-726 |
Medium |
Yes |
Cross-site scripting |
The wiki contains a persistent XSS issue due to a lack of output encoding affecting a specific markdown feature. |
CVE-2018-3740 |
AVG-726 |
Medium |
Yes |
Insufficient validation |
A specially crafted HTML fragment can cause Sanitize gem for Ruby to allow non-whitelisted attributes to be used on a whitelisted HTML element. |