Gitlab Schwachstellen

Zeitverlauf

Typ

Bug Tracking Software	764

Produkt

GitLab Enterprise Edition	706
GitLab Community Edition	573
GitLab Community	19
GitLab Enterprise	19
GitLab DAST Analyzer	3

Massnahmen

Official Fix	499
Temporary Fix	0
Workaround	0
Unavailable	0
Not Defined	265

Ausnutzbarkeit

High	1
Functional	0
Proof-of-Concept	0
Unproven	0
Not Defined	763

Zugriffsart

Not Defined	0
Physical	0
Local	9
Adjacent	12
Network	743

Authentisierung

Not Defined	0
High	65
Low	377
None	322

Benutzeraktivität

Not Defined	0
Required	156
None	608

C3BM Index

CVSSv3 Base

≤1	0
≤2	1
≤3	8
≤4	69
≤5	190
≤6	236
≤7	166
≤8	58
≤9	34
≤10	2

CVSSv3 Temp

≤1	0
≤2	1
≤3	14
≤4	65
≤5	194
≤6	243
≤7	156
≤8	62
≤9	29
≤10	0

VulDB

≤1	0
≤2	6
≤3	37
≤4	102
≤5	235
≤6	168
≤7	106
≤8	107
≤9	3
≤10	0

NVD

≤1	0
≤2	0
≤3	2
≤4	11
≤5	87
≤6	127
≤7	104
≤8	104
≤9	31
≤10	35

CNA

≤1	0
≤2	2
≤3	15
≤4	35
≤5	92
≤6	60
≤7	48
≤8	25
≤9	17
≤10	12

Hersteller

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Exploit 0-day

<1k	116
<2k	479
<5k	168
<10k	0
<25k	1
<50k	0
<100k	0
≥100k	0

Exploit heute

<1k	751
<2k	13
<5k	0
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Exploitmarktvolumen

🔴 CTI Aktivitäten

Affected Products (13): Community (19), Community Edition (573), DAST API Scanner (1), DAST Analyzer (3), Enterprise (19), Enterprise Edition (708), GitLab (1), Omnibus (1), Remote Development (1), Runner (3), and Enterprise Edition (1), and gitlab-shell (1), gitlab-vscode-extension (1)

Link to Vendor Website: https://gitlab.com/

Veröffentlicht	Base	Temp	Schwachstelle	Prod	Aus	Mas	EPSS	CTI	CVE
12.04.2024	4.3	4.2	GitLab Community Edition/Enterprise Edition Chat Integration Denial of Service	Bug Tracking Software	Not Defined	Official Fix	0.00043	0.04	CVE-2023-6489
12.04.2024	6.1	6.0	GitLab Community Edition/Enterprise Edition Diff Viewer Cross Site Scripting	Bug Tracking Software	Not Defined	Official Fix	0.00043	0.02	CVE-2024-3092
12.04.2024	6.1	6.0	GitLab Community Edition/Enterprise Edition Autocomplete Cross Site Scripting	Bug Tracking Software	Not Defined	Official Fix	0.00043	0.04	CVE-2024-2279
12.04.2024	4.3	4.2	GitLab Enterprise Edition junit Test Report File Denial of Service	Bug Tracking Software	Not Defined	Official Fix	0.00043	0.06	CVE-2023-6678
28.03.2024	6.1	6.0	GitLab Community Edition/Enterprise Edition Wiki Page Cross Site Scripting	Bug Tracking Software	Not Defined	Official Fix	0.00043	0.08	CVE-2023-6371
28.03.2024	4.3	4.2	GitLab Community Edition/Enterprise Edition Label Denial of Service	Bug Tracking Software	Not Defined	Official Fix	0.00065	0.00	CVE-2024-2818
22.02.2024	6.1	6.0	GitLab Community Edition/Enterprise Edition User Profile Page Cross Site Scripting	Bug Tracking Software	Not Defined	Official Fix	0.00068	0.00	CVE-2024-1451
22.02.2024	4.8	4.7	GitLab Community Edition/Enterprise Edition Secondary Email erweiterte Rechte	Bug Tracking Software	Not Defined	Official Fix	0.00046	0.05	CVE-2024-1525
22.02.2024	4.3	4.2	GitLab Enterprise Edition Custom Dashboard Projects Setting erweiterte Rechte	Bug Tracking Software	Not Defined	Official Fix	0.00045	0.05	CVE-2024-0861
22.02.2024	5.7	5.6	GitLab Enterprise Edition Group erweiterte Rechte	Bug Tracking Software	Not Defined	Official Fix	0.00068	0.04	CVE-2023-6477
22.02.2024	4.3	4.2	GitLab Enterprise Edition Setting erweiterte Rechte	Bug Tracking Software	Not Defined	Official Fix	0.00045	0.05	CVE-2023-4895
13.02.2024	5.6	5.5	GitLab Enterprise Edition Group Access Token erweiterte Rechte	Bug Tracking Software	Not Defined	Official Fix	0.00068	0.04	CVE-2024-1250
08.02.2024	5.9	5.8	GitLab Enterprise Edition Protected Branch erweiterte Rechte	Bug Tracking Software	Not Defined	Official Fix	0.00046	0.04	CVE-2023-6564
08.02.2024	5.7	5.6	GitLab Enterprise Edition Protected Branch erweiterte Rechte	Bug Tracking Software	Not Defined	Official Fix	0.00045	0.02	CVE-2023-6840
08.02.2024	5.4	5.3	GitLab Enterprise Edition CODEOWNERS File Denial of Service	Bug Tracking Software	Not Defined	Official Fix	0.00044	0.05	CVE-2023-6736
08.02.2024	5.4	5.3	GitLab Enterprise Edition GraphQL vulnerabilitiesCountByDay Denial of Service	Bug Tracking Software	Not Defined	Official Fix	0.00044	0.00	CVE-2024-1066
26.01.2024	8.1	7.9	GitLab Community Edition/Enterprise Edition Workspace Directory Traversal	Bug Tracking Software	Not Defined	Official Fix	0.00068	0.04	CVE-2024-0402
26.01.2024	5.1	5.1	GitLab Community Edition/Enterprise Edition API PUT Request Cross Site Scripting	Bug Tracking Software	Not Defined	Official Fix	0.00218	0.00	CVE-2023-5933
26.01.2024	5.4	5.3	GitLab Community Edition/Enterprise Edition Cargo.toml Denial of Service	Bug Tracking Software	Not Defined	Official Fix	0.00049	0.02	CVE-2023-6159
12.01.2024	8.2	8.1	GitLab Community Edition/Enterprise Edition erweiterte Rechte	Bug Tracking Software	Not Defined	Official Fix	0.00068	0.05	CVE-2023-5356
12.01.2024	5.5	5.5	GitLab Remote Development erweiterte Rechte	Bug Tracking Software	Not Defined	Official Fix	0.00046	0.04	CVE-2023-6955
12.01.2024	6.1	6.1	GitLab Enterprise Edition Merge Request erweiterte Rechte	Bug Tracking Software	Not Defined	Official Fix	0.00046	0.06	CVE-2023-4812
12.01.2024	4.4	4.3	GitLab Community Edition/Enterprise Edition schwache Authentisierung	Bug Tracking Software	Not Defined	Official Fix	0.00046	0.00	CVE-2023-2030
12.01.2024	8.0	7.9	GitLab Community Edition/Enterprise Edition Password Reset erweiterte Rechte	Bug Tracking Software	Not Defined	Official Fix	0.80716	0.04	CVE-2023-7028
18.12.2023	5.5	5.4	GitLab Enterprise Edition Project Access Token erweiterte Rechte	Bug Tracking Software	Not Defined	Official Fix	0.00068	0.07	CVE-2023-3907

739 weitere Einträge werden nicht mehr angezeigt

🔒 Login Required

You need to signup and login to see more of the remaining 739 results.

◂ ZurückÜbersichtWeiter ▸

Interested in the pricing of exploits?

See the underground prices here!