Gitlab Vulnerabilidad

Cronología

Escribe

Bug Tracking Software	767

Producto

GitLab Enterprise Edition	709
GitLab Community Edition	576
GitLab Community	19
GitLab Enterprise	19
GitLab DAST Analyzer	3

Contramedidas

Official Fix	502
Temporary Fix	0
Workaround	0
Unavailable	0
Not Defined	265

Explotabilidad

High	1
Functional	0
Proof-of-Concept	0
Unproven	0
Not Defined	766

Vector de acceso

Not Defined	0
Physical	0
Local	9
Adjacent	12
Network	746

Autenticación

Not Defined	0
High	65
Low	379
None	323

La interacción del usuario

Not Defined	0
Required	156
None	611

C3BM Index

CVSSv3 Base

≤1	0
≤2	1
≤3	8
≤4	69
≤5	191
≤6	236
≤7	166
≤8	60
≤9	34
≤10	2

CVSSv3 Temp

≤1	0
≤2	1
≤3	14
≤4	65
≤5	195
≤6	243
≤7	156
≤8	64
≤9	29
≤10	0

VulDB

≤1	0
≤2	6
≤3	37
≤4	102
≤5	236
≤6	168
≤7	107
≤8	108
≤9	3
≤10	0

NVD

≤1	0
≤2	0
≤3	2
≤4	11
≤5	87
≤6	127
≤7	104
≤8	104
≤9	31
≤10	35

CNA

≤1	0
≤2	2
≤3	15
≤4	35
≤5	93
≤6	60
≤7	48
≤8	26
≤9	18
≤10	12

Proveedor

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Explotar día 0

<1k	116
<2k	482
<5k	168
<10k	0
<25k	1
<50k	0
<100k	0
≥100k	0

Explotar hoy

<1k	754
<2k	13
<5k	0
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Explotar el volumen del mercado

🔴 CTI Ocupaciones

Affected Products (13): Community (19), Community Edition (576), DAST API Scanner (1), DAST Analyzer (3), Enterprise (19), Enterprise Edition (711), GitLab (1), Omnibus (1), Remote Development (1), Runner (3), and Enterprise Edition (1), and gitlab-shell (1), gitlab-vscode-extension (1)

Link to Vendor Website: https://gitlab.com/

Fecha de publicación	Base	Temp	Vulnerabilidad	Prod	Exp	Con	EPSS	CTI	CVE
2024-04-25	7.4	7.2	GitLab Community Edition/Enterprise Edition directory traversal	Bug Tracking Software	Not Defined	Official Fix	0.00000	0.15+	CVE-2024-2434
2024-04-25	4.3	4.2	GitLab Community Edition/Enterprise Edition Email Address escalada de privilegios	Bug Tracking Software	Not Defined	Official Fix	0.00000	0.10+	CVE-2024-1347
2024-04-25	7.5	7.3	GitLab Community Edition/Enterprise Edition Wildcard Filter denegación de servicio	Bug Tracking Software	Not Defined	Official Fix	0.00000	0.10+	CVE-2024-2829
2024-04-12	4.3	4.2	GitLab Community Edition/Enterprise Edition Chat Integration denegación de servicio	Bug Tracking Software	Not Defined	Official Fix	0.00043	0.04	CVE-2023-6489
2024-04-12	6.1	6.0	GitLab Community Edition/Enterprise Edition Diff Viewer cross site scripting	Bug Tracking Software	Not Defined	Official Fix	0.00043	0.02	CVE-2024-3092
2024-04-12	6.1	6.0	GitLab Community Edition/Enterprise Edition Autocomplete cross site scripting	Bug Tracking Software	Not Defined	Official Fix	0.00043	0.04	CVE-2024-2279
2024-04-12	4.3	4.2	GitLab Enterprise Edition junit Test Report File denegación de servicio	Bug Tracking Software	Not Defined	Official Fix	0.00043	0.06	CVE-2023-6678
2024-03-28	6.1	6.0	GitLab Community Edition/Enterprise Edition Wiki Page cross site scripting	Bug Tracking Software	Not Defined	Official Fix	0.00043	0.08	CVE-2023-6371
2024-03-28	4.3	4.2	GitLab Community Edition/Enterprise Edition Label denegación de servicio	Bug Tracking Software	Not Defined	Official Fix	0.00065	0.00	CVE-2024-2818
2024-02-22	6.1	6.0	GitLab Community Edition/Enterprise Edition User Profile Page cross site scripting	Bug Tracking Software	Not Defined	Official Fix	0.00068	0.00	CVE-2024-1451
2024-02-22	4.8	4.7	GitLab Community Edition/Enterprise Edition Secondary Email escalada de privilegios	Bug Tracking Software	Not Defined	Official Fix	0.00046	0.05	CVE-2024-1525
2024-02-22	4.3	4.2	GitLab Enterprise Edition Custom Dashboard Projects Setting escalada de privilegios	Bug Tracking Software	Not Defined	Official Fix	0.00045	0.05	CVE-2024-0861
2024-02-22	5.7	5.6	GitLab Enterprise Edition Group escalada de privilegios	Bug Tracking Software	Not Defined	Official Fix	0.00068	0.04	CVE-2023-6477
2024-02-22	4.3	4.2	GitLab Enterprise Edition Setting escalada de privilegios	Bug Tracking Software	Not Defined	Official Fix	0.00045	0.05	CVE-2023-4895
2024-02-13	5.6	5.5	GitLab Enterprise Edition Group Access Token escalada de privilegios	Bug Tracking Software	Not Defined	Official Fix	0.00068	0.04	CVE-2024-1250
2024-02-08	5.9	5.8	GitLab Enterprise Edition Protected Branch escalada de privilegios	Bug Tracking Software	Not Defined	Official Fix	0.00046	0.04	CVE-2023-6564
2024-02-08	5.7	5.6	GitLab Enterprise Edition Protected Branch escalada de privilegios	Bug Tracking Software	Not Defined	Official Fix	0.00045	0.02	CVE-2023-6840
2024-02-08	5.4	5.3	GitLab Enterprise Edition CODEOWNERS File denegación de servicio	Bug Tracking Software	Not Defined	Official Fix	0.00044	0.05	CVE-2023-6736
2024-02-08	5.4	5.3	GitLab Enterprise Edition GraphQL vulnerabilitiesCountByDay denegación de servicio	Bug Tracking Software	Not Defined	Official Fix	0.00044	0.00	CVE-2024-1066
2024-01-26	8.1	7.9	GitLab Community Edition/Enterprise Edition Workspace directory traversal	Bug Tracking Software	Not Defined	Official Fix	0.00068	0.04	CVE-2024-0402
2024-01-26	5.1	5.1	GitLab Community Edition/Enterprise Edition API PUT Request cross site scripting	Bug Tracking Software	Not Defined	Official Fix	0.00218	0.00	CVE-2023-5933
2024-01-26	5.4	5.3	GitLab Community Edition/Enterprise Edition Cargo.toml denegación de servicio	Bug Tracking Software	Not Defined	Official Fix	0.00049	0.02	CVE-2023-6159
2024-01-12	8.2	8.1	GitLab Community Edition/Enterprise Edition escalada de privilegios	Bug Tracking Software	Not Defined	Official Fix	0.00068	0.05	CVE-2023-5356
2024-01-12	5.5	5.5	GitLab Remote Development escalada de privilegios	Bug Tracking Software	Not Defined	Official Fix	0.00046	0.04	CVE-2023-6955
2024-01-12	6.1	6.1	GitLab Enterprise Edition Merge Request escalada de privilegios	Bug Tracking Software	Not Defined	Official Fix	0.00046	0.06	CVE-2023-4812

742 no se muestran más entradas

🔒 Login Required

You need to signup and login to see more of the remaining 742 results.

◂ AnteriorVisión De ConjuntoPróximo ▸

Might our Artificial Intelligence support you?

Check our Alexa App!