GitLab Vulnerabilities

Product: GitLab Enterprise Edition (695), GitLab Community Edition (566), GitLab Community (19), GitLab Enterprise (19), GitLab DAST Analyzer (3)

Remediation: Official Fix (488), Temporary Fix (0), Workaround (0), Unavailable (0), Not Defined (265)

Exploitability: High (0), Functional (0), Proof-of-Concept (0), Unproven (0), Not Defined (753)

Access Vector: Not Defined (0), Physical (0), Local (9), Adjacent (12), Network (732)

Authentication: Not Defined (0), High (64), Low (367), None (322)

User Interaction: Not Defined (0), Required (152), None (601)

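CVSSv3 Base: ≤1 (0), ≤2 (1), ≤3 (8), ≤4 (69), ≤5 (185), ≤6 (234), ≤7 (162), ≤8 (58), ≤9 (34), ≤10 (2)

CVSSv3 Temp: ≤1 (0), ≤2 (1), ≤3 (14), ≤4 (65), ≤5 (190), ≤6 (236), ≤7 (157), ≤8 (61), ≤9 (29), ≤10 (0)

VulDB: ≤1 (0), ≤2 (6), ≤3 (37), ≤4 (98), ≤5 (228), ≤6 (168), ≤7 (106), ≤8 (107), ≤9 (3), ≤10 (0)

NVD: ≤1 (0), ≤2 (0), ≤3 (2), ≤4 (11), ≤5 (87), ≤6 (126), ≤7 (104), ≤8 (104), ≤9 (31), ≤10 (35)

CNA: ≤1 (0), ≤2 (2), ≤3 (15), ≤4 (35), ≤5 (87), ≤6 (59), ≤7 (47), ≤8 (25), ≤9 (13), ≤10 (12)

Vendor: ≤1 (0), ≤2 (0), ≤3 (0), ≤4 (0), ≤5 (0), ≤6 (0), ≤7 (0), ≤8 (0), ≤9 (0), ≤10 (0)

Research: ≤1 (0), ≤2 (0), ≤3 (0), ≤4 (0), ≤5 (0), ≤6 (0), ≤7 (0), ≤8 (0), ≤9 (0), ≤10 (0)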

Exploit 0-day: <1k (127), <2k (419), <5k (206), <10k (0), <25k (1), <50k (0), <100k (0), ≥100k (0)

Exploit Today: <1k (735), <2k (18), <5k (0), <10k (0), <25k (0), <50k (0), <100k (0), ≥100k (0)


Affected Products (13): Community (19), Community Edition (566), DAST API Scanner (1), DAST Analyzer (3), Enterprise (19), Enterprise Edition (697), GitLab (1), Omnibus (1), Remote Development (1), Runner (3), and Enterprise Edition (1), and gitlab-shell (1), gitlab-vscode-extension (1)

Link to Vendor Website: https://gitlab.com/

| Published | Base | Temp | Vulnerability | Prod | Exp | Rem | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|
| 13/02/2024 | 5.6 | 5.5 | GitLab Enterprise Edition Group Access Token privilege escalation | Bug Tracking Software | Not Defined | Official Fix | 0.66- | 0.00043 | CVE-2024-1250 |
| 08/02/2024 | 5.9 | 5.8 | GitLab Enterprise Edition Protected Branch privilege escalation | Bug Tracking Software | Not Defined | Official Fix | 0.06 | 0.00043 | CVE-2023-6564 |
| 08/02/2024 | 5.7 | 5.6 | GitLab Enterprise Edition Protected Branch privilege escalation | Bug Tracking Software | Not Defined | Official Fix | 0.07 | 0.00043 | CVE-2023-6840 |
| 08/02/2024 | 5.4 | 5.3 | GitLab Enterprise Edition CODEOWNERS File denial of service | Bug Tracking Software | Not Defined | Official Fix | 0.02 | 0.00043 | CVE-2023-6736 |
| 08/02/2024 | 5.4 | 5.3 | GitLab Enterprise Edition GraphQL vulnerabilitiesCountByDay denial of service | Bug Tracking Software | Not Defined | Official Fix | 0.03 | 0.00043 | CVE-2024-1066 |
| 26/01/2024 | 8.1 | 7.9 | GitLab Community Edition/Enterprise Edition Workspace directory traversal | Bug Tracking Software | Not Defined | Official Fix | 0.04 | 0.00068 | CVE-2024-0402 |
| 26/01/2024 | 4.9 | 4.9 | GitLab Community Edition/Enterprise Edition API PUT Request cross site scripting | Bug Tracking Software | Not Defined | Official Fix | 0.05 | 0.00218 | CVE-2023-5933 |
| 26/01/2024 | 5.4 | 5.3 | GitLab Community Edition/Enterprise Edition Cargo.toml denial of service | Bug Tracking Software | Not Defined | Official Fix | 0.05 | 0.00049 | CVE-2023-6159 |
| 12/01/2024 | 8.2 | 8.1 | GitLab Community Edition/Enterprise Edition privilege escalation | Bug Tracking Software | Not Defined | Official Fix | 0.02 | 0.00068 | CVE-2023-5356 |
| 12/01/2024 | 5.5 | 5.5 | GitLab Remote Development privilege escalation | Bug Tracking Software | Not Defined | Official Fix | 0.02 | 0.00046 | CVE-2023-6955 |
| 12/01/2024 | 6.1 | 6.1 | GitLab Enterprise Edition Merge Request privilege escalation | Bug Tracking Software | Not Defined | Official Fix | 0.02 | 0.00046 | CVE-2023-4812 |
| 12/01/2024 | 4.4 | 4.3 | GitLab Community Edition/Enterprise Edition weak authentication | Bug Tracking Software | Not Defined | Official Fix | 0.02 | 0.00046 | CVE-2023-2030 |
| 12/01/2024 | 8.0 | 7.9 | GitLab Community Edition/Enterprise Edition Password Reset privilege escalation | Bug Tracking Software | Not Defined | Official Fix | 0.04 | 0.04478 | CVE-2023-7028 |
| 18/12/2023 | 5.5 | 5.4 | GitLab Enterprise Edition Project Access Token privilege escalation | Bug Tracking Software | Not Defined | Official Fix | 0.00 | 0.00068 | CVE-2023-3907 |
| 15/12/2023 | 7.3 | 7.2 | GitLab Enterprise Edition weak authentication | Bug Tracking Software | Not Defined | Official Fix | 0.03 | 0.00085 | CVE-2023-6680 |
| 15/12/2023 | 4.7 | 4.6 | GitLab Community Edition/Enterprise Edition File Name privilege escalation | Bug Tracking Software | Not Defined | Official Fix | 0.00 | 0.00046 | CVE-2023-5512 |
| 15/12/2023 | 5.4 | 5.3 | GitLab Enterprise Edition Issue Time privilege escalation | Bug Tracking Software | Not Defined | Official Fix | 0.02 | 0.00046 | CVE-2023-3904 |
| 15/12/2023 | 5.5 | 5.4 | GitLab Community Edition/Enterprise Edition Installation Package privilege escalation | Bug Tracking Software | Not Defined | Official Fix | 0.00 | 0.00046 | CVE-2023-6051 |
| 15/12/2023 | 3.1 | 3.1 | GitLab Enterprise Edition Private Project privilege escalation | Bug Tracking Software | Not Defined | Official Fix | 0.00 | 0.00045 | CVE-2023-3511 |
| 01/12/2023 | 5.9 | 5.8 | GitLab Community Edition/Enterprise Edition Jira Integration Configuration cross site scripting | Bug Tracking Software | Not Defined | Official Fix | 0.02 | 0.00063 | CVE-2023-6033 |
| 01/12/2023 | 4.7 | 4.7 | GitLab Enterprise Edition Internal Project privilege escalation | Bug Tracking Software | Not Defined | Official Fix | 0.05 | 0.00121 | CVE-2023-5995 |
| 01/12/2023 | 5.0 | 5.0 | GitLab Enterprise Edition Mermaid Diagram denial of service | Bug Tracking Software | Not Defined | Official Fix | 0.02 | 0.00044 | CVE-2023-4912 |
| 01/12/2023 | 3.1 | 3.0 | GitLab Enterprise Edition Allowed to Merge privilege escalation | Bug Tracking Software | Not Defined | Official Fix | 0.02 | 0.00045 | CVE-2023-4658 |
| 10/11/2023 | 6.6 | 6.6 | GitLab Enterprise Edition Merge Request privilege escalation | Bug Tracking Software | Not Defined | Official Fix | 0.02 | 0.00048 | CVE-2023-4379 |
| 06/11/2023 | 4.8 | 4.7 | GitLab Enterprise Edition Job privilege escalation | Bug Tracking Software | Not Defined | Official Fix | 0.00 | 0.00067 | CVE-2023-4700 |

728 more entries are not shown
