Proteus® NextGen Data Privacy™ users can receive automated alerts using this data by linking it to their ITIL CMDB (IT asset register)

2024

2023

CVE-2023-3210 (v3: 6.5) 1 Sep 2023
An issue has been discovered in GitLab affecting all versions starting from 15.11 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1. An authenticated user could trigger a denial of service when importing or cloning malicious content.
CVE-2023-3205 (v3: 6.5) 1 Sep 2023
An issue has been discovered in GitLab affecting all versions starting from 15.11 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1. An authenticated user could trigger a denial of service when importing or cloning malicious content.

2022

CVE-2022-3639 (v3: 7.5) 21 Oct 2022
A potential DOS vulnerability was discovered in GitLab CE/EE affecting all versions from 10.8 before 15.1.6, all versions starting from 15.2 before 15.2.4, all versions starting from 15.3 before 15.3.2. Improper data handling on branch creation could have been used to trigger high CPU usage.

2021

2020

CVE-2020-10954 (v3: 7.5) 27 Mar 2020
GitLab through 12.9 is affected by a potential DoS in repository archive download.

2019

CVE-2019-13007 (v3: 4.9) 10 Mar 2020
An issue was discovered in GitLab Community and Enterprise Edition 11.11 through 12.0.2. When an admin enabled one of the service templates, it was triggering an action that leads to resource depletion. It allows Uncontrolled Resource Consumption.
CVE-2019-13009 (v3: 6.5) 10 Mar 2020
An issue was discovered in GitLab Community and Enterprise Edition 9.2 through 12.0.2. Uploaded files associated with unsaved personal snippets were accessible to unauthorized users due to improper permission settings. It has Incorrect Access Control.
CVE-2019-13010 (v3: 5.9) 10 Mar 2020
An issue was discovered in GitLab Enterprise Edition 8.3 through 12.0.2. The color codes decoder was vulnerable to a resource depletion attack if specific formats were used. It allows Uncontrolled Resource Consumption.
CVE-2019-13003 (v3: 7.5) 10 Mar 2020
An issue was discovered in GitLab Community and Enterprise Edition before 12.0.3. One of the parsers used by Gilab CI was vulnerable to a resource exhaustion attack. It allows Uncontrolled Resource Consumption.
CVE-2019-20146 (v3: 5.3) 13 Jan 2020
An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 11.0 through 12.6. It allows Uncontrolled Resource Consumption.
CVE-2019-15584 (v3: 6.5) 20 Dec 2019
A denial of service exists in gitlab
CVE-2019-15593 (v3: 6.5) 22 Nov 2019
GitLab 12.2.3 contains a security vulnerability that allows a user to affect the availability of the service through a Denial of Service attack in Issue Comments.
CVE-2019-15736 (v3: 7.5) 16 Sep 2019
An issue was discovered in GitLab Community and Enterprise Edition through 12.2.1. Under certain circumstances, CI pipelines could potentially be used in a denial of service attack.
CVE-2019-15722 (v3: 7.5) 16 Sep 2019
An issue was discovered in GitLab Community and Enterprise Edition 8.15 through 12.2.1. Particular mathematical expressions in GitLab Markdown can exhaust client resources.
CVE-2019-10113 (v3: 7.5) 16 May 2019
An issue was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. Making concurrent GET /api/v4/projects//languages requests may allow Uncontrolled Resource Consumption.
CVE-2019-10640 (v3: 7.5) 15 May 2019
An issue was discovered in GitLab Community and Enterprise Edition before 11.7.10, 11.8.x before 11.8.6, and 11.9.x before 11.9.4. A regex input validation issue for the .gitlab-ci.yml refs value allows Uncontrolled Resource Consumption.

2018

2017

2016

2015