) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Keyword (text search): cpe:2.3:a:gitlab:gitlab:16.11.5:*:*:*:enterprise:*:*:*
- CPE Name Search: true
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2024-2880 |
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.5 prior to 16.11.6, starting from 17.0 prior to 17.0.4, and starting from 17.1 prior to 17.1.2 in which a user with `admin_group_member` custom role permission could ban group members. Published: July 11, 2024; 3:15:02 AM -0400 |
V4.0:(not available) V3.1: 2.7 LOW V2.0:(not available) |
| CVE-2024-4201 |
A cross-site scripting issue has been discovered in GitLab affecting all versions starting from 5.1 before 16.10.7, all versions starting from 16.11 before 16.111.4, all versions starting from 17.0 before 17.0.2. When viewing an XML file in a repository in raw mode, it can be made to render as HTML if viewed under specific circumstances. Published: June 12, 2024; 7:15:49 PM -0400 |
V4.0:(not available) V3.1: 4.4 MEDIUM V2.0:(not available) |
| CVE-2023-4895 |
An issue has been discovered in GitLab EE affecting all versions starting from 12.0 to 16.7.6, all versions starting from 16.8 before 16.8.3, all versions starting from 16.9 before 16.9.1. This vulnerability allows for bypassing the 'group ip restriction' settings to access environment details of projects Published: February 21, 2024; 8:15:07 PM -0500 |
V4.0:(not available) V3.1: 4.3 MEDIUM V2.0:(not available) |