GitLab Vulnerabilities


Product

GitLab Enterprise Edition: 711
GitLab Community Edition: 578
GitLab Community: 19
GitLab Enterprise: 19
GitLab DAST Analyzer: 3

Countermeasures

Official Fix: 504
Temporary Fix: 0
Workaround: 0
Unavailable: 0
Not Defined: 265

Exploitability

High: 1
Functional: 0
Proof-of-Concept: 0
Unproven: 0
Not Defined: 768

Access Vector

Not Defined: 0
Physical: 0
Local: 9
Adjacent: 12
Network: 748

Authentication

Not Defined: 0
High: 65
Low: 381
None: 323

User Interaction

Not Defined: 0
Required: 157
None: 612

CVSSv3 Base

≤1: 0
≤2: 1
≤3: 8
≤4: 69
≤5: 192
≤6: 236
≤7: 167
≤8: 60
≤9: 34
≤10: 2

CVSSv3 Temp

≤1: 0
≤2: 1
≤3: 14
≤4: 65
≤5: 196
≤6: 243
≤7: 157
≤8: 64
≤9: 29
≤10: 0

VulDB

≤1: 0
≤2: 6
≤3: 37
≤4: 102
≤5: 237
≤6: 169
≤7: 107
≤8: 108
≤9: 3
≤10: 0

NVD

≤1: 0
≤2: 0
≤3: 2
≤4: 11
≤5: 87
≤6: 127
≤7: 104
≤8: 104
≤9: 31
≤10: 35

CNA

≤1: 0
≤2: 2
≤3: 15
≤4: 35
≤5: 94
≤6: 60
≤7: 48
≤8: 27
≤9: 18
≤10: 12

Vendor

≤1: 0
≤2: 0
≤3: 0
≤4: 0
≤5: 0
≤6: 0
≤7: 0
≤8: 0
≤9: 0
≤10: 0

Research

≤1: 0
≤2: 0
≤3: 0
≤4: 0
≤5: 0
≤6: 0
≤7: 0
≤8: 0
≤9: 0
≤10: 0

Exploit 0-day

<1k: 116
<2k: 484
<5k: 168
<10k: 0
<25k: 1
<50k: 0
<100k: 0
≥100k: 0

Exploit Today

<1k: 756
<2k: 13
<5k: 0
<10k: 0
<25k: 0
<50k: 0
<100k: 0
≥100k: 0


Affected Products (13): Community (19), Community Edition (578), DAST API Scanner (1), DAST Analyzer (3), Enterprise (19), Enterprise Edition (713), GitLab (1), Omnibus (1), Remote Development (1), Runner (3), and Enterprise Edition (1), and gitlab-shell (1), gitlab-vscode-extension (1)

Link to Vendor Website: https://gitlab.com/

| Published | Base | Temp | Vulnerability | Product type | Exploitability | Countermeasures | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|
| 25/04/2024 | 6.4 | 6.3 | GitLab Community Edition/Enterprise Edition Bitbucket Credentials weak authentication | Bug Tracking Software | Not Defined | Official Fix | 0.00000 | 1.35 - | CVE-2024-4024 |
| 25/04/2024 | 4.3 | 4.2 | GitLab Community Edition/Enterprise Edition GraphQL Subscription privilege escalation | Bug Tracking Software | Not Defined | Official Fix | 0.00000 | 0.53 - | CVE-2024-4006 |
| 25/04/2024 | 7.4 | 7.2 | GitLab Community Edition/Enterprise Edition directory traversal | Bug Tracking Software | Not Defined | Official Fix | 0.00000 | 0.77 - | CVE-2024-2434 |
| 25/04/2024 | 4.3 | 4.2 | GitLab Community Edition/Enterprise Edition Email Address privilege escalation | Bug Tracking Software | Not Defined | Official Fix | 0.00000 | 0.48 - | CVE-2024-1347 |
| 25/04/2024 | 7.5 | 7.3 | GitLab Community Edition/Enterprise Edition Wildcard Filter denial of service | Bug Tracking Software | Not Defined | Official Fix | 0.00000 | 0.43 - | CVE-2024-2829 |
| 12/04/2024 | 4.3 | 4.2 | GitLab Community Edition/Enterprise Edition Chat Integration denial of service | Bug Tracking Software | Not Defined | Official Fix | 0.00043 | 0.04 | CVE-2023-6489 |
| 12/04/2024 | 6.1 | 6.0 | GitLab Community Edition/Enterprise Edition Diff Viewer cross site scripting | Bug Tracking Software | Not Defined | Official Fix | 0.00043 | 0.02 | CVE-2024-3092 |
| 12/04/2024 | 6.1 | 6.0 | GitLab Community Edition/Enterprise Edition Autocomplete cross site scripting | Bug Tracking Software | Not Defined | Official Fix | 0.00043 | 0.04 | CVE-2024-2279 |
| 12/04/2024 | 4.3 | 4.2 | GitLab Enterprise Edition junit Test Report File denial of service | Bug Tracking Software | Not Defined | Official Fix | 0.00043 | 0.06 | CVE-2023-6678 |
| 28/03/2024 | 6.1 | 6.0 | GitLab Community Edition/Enterprise Edition Wiki Page cross site scripting | Bug Tracking Software | Not Defined | Official Fix | 0.00043 | 0.08 | CVE-2023-6371 |
| 28/03/2024 | 4.3 | 4.2 | GitLab Community Edition/Enterprise Edition Label denial of service | Bug Tracking Software | Not Defined | Official Fix | 0.00065 | 0.00 | CVE-2024-2818 |
| 22/02/2024 | 6.1 | 6.0 | GitLab Community Edition/Enterprise Edition User Profile Page cross site scripting | Bug Tracking Software | Not Defined | Official Fix | 0.00068 | 0.00 | CVE-2024-1451 |
| 22/02/2024 | 4.8 | 4.7 | GitLab Community Edition/Enterprise Edition Secondary Email privilege escalation | Bug Tracking Software | Not Defined | Official Fix | 0.00046 | 0.05 | CVE-2024-1525 |
| 22/02/2024 | 4.3 | 4.2 | GitLab Enterprise Edition Custom Dashboard Projects Setting privilege escalation | Bug Tracking Software | Not Defined | Official Fix | 0.00045 | 0.05 | CVE-2024-0861 |
| 22/02/2024 | 5.7 | 5.6 | GitLab Enterprise Edition Group privilege escalation | Bug Tracking Software | Not Defined | Official Fix | 0.00068 | 0.04 | CVE-2023-6477 |
| 22/02/2024 | 4.3 | 4.2 | GitLab Enterprise Edition Setting privilege escalation | Bug Tracking Software | Not Defined | Official Fix | 0.00045 | 0.05 | CVE-2023-4895 |
| 13/02/2024 | 5.6 | 5.5 | GitLab Enterprise Edition Group Access Token privilege escalation | Bug Tracking Software | Not Defined | Official Fix | 0.00068 | 0.04 | CVE-2024-1250 |
| 08/02/2024 | 5.9 | 5.8 | GitLab Enterprise Edition Protected Branch privilege escalation | Bug Tracking Software | Not Defined | Official Fix | 0.00046 | 0.04 | CVE-2023-6564 |
| 08/02/2024 | 5.7 | 5.6 | GitLab Enterprise Edition Protected Branch privilege escalation | Bug Tracking Software | Not Defined | Official Fix | 0.00045 | 0.02 | CVE-2023-6840 |
| 08/02/2024 | 5.4 | 5.3 | GitLab Enterprise Edition CODEOWNERS File denial of service | Bug Tracking Software | Not Defined | Official Fix | 0.00044 | 0.05 | CVE-2023-6736 |
| 08/02/2024 | 5.4 | 5.3 | GitLab Enterprise Edition GraphQL vulnerabilitiesCountByDay denial of service | Bug Tracking Software | Not Defined | Official Fix | 0.00044 | 0.00 | CVE-2024-1066 |
| 26/01/2024 | 8.1 | 7.9 | GitLab Community Edition/Enterprise Edition Workspace directory traversal | Bug Tracking Software | Not Defined | Official Fix | 0.00068 | 0.04 | CVE-2024-0402 |
| 26/01/2024 | 5.1 | 5.1 | GitLab Community Edition/Enterprise Edition API PUT Request cross site scripting | Bug Tracking Software | Not Defined | Official Fix | 0.00218 | 0.00 | CVE-2023-5933 |
| 26/01/2024 | 5.4 | 5.3 | GitLab Community Edition/Enterprise Edition Cargo.toml denial of service | Bug Tracking Software | Not Defined | Official Fix | 0.00049 | 0.02 | CVE-2023-6159 |
| 12/01/2024 | 8.2 | 8.1 | GitLab Community Edition/Enterprise Edition privilege escalation | Bug Tracking Software | Not Defined | Official Fix | 0.00068 | 0.05 | CVE-2023-5356 |

744 more entries are not shown
