GitLab 11.10 < 18.4.6 / 18.5 < 18.5.4 / 18.6 < 18.6.2 (CVE-2025-12562)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.10 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that could have allowed an unauthenticated user to create a...

CVE-2025-8405

GitLab has remediated a security issue in GitLab CE/EE affecting all versions from 17.1 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that could have allowed an authenticated user to perform unauthorized actions on behalf of other users by injecting malicious HTML into vulnerability...

UBUNTU-CVE-2025-4097

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.10 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that could have allowed an authenticated user to cause a denial of service condition by uploading specially crafted images...

UBUNTU-CVE-2025-8405

GitLab has remediated a security issue in GitLab CE/EE affecting all versions from 17.1 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that could have allowed an authenticated user to perform unauthorized actions on behalf of other users by injecting malicious HTML into vulnerability...

UBUNTU-CVE-2025-12562

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.10 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that could have allowed an unauthenticated user to create a denial of service condition by sending crafted GraphQL queries that bypass query complexity limits...

CVE-2025-12562

GitLab CVE-2025-12562 affects GitLab CE/EE: unpatched versions include all 11.10→18.4.5, 18.5.x prior to 18.5.4, and 18.6.x prior to 18.6.2. Root cause: crafted GraphQL queries that bypass query complexity limits could allow an unauthenticated user to cause a Denial of Service. Remediation: GitLa...

EUVD-2025-202661

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 6.3 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that could have allowed an authenticated user to cause a Denial of Service condition by sending crafted API calls with large content parameters...

GitLab Enterprise Edition（EE） 安全漏洞

GitLab Enterprise Edition EE is a content management system from the American company GitLab. A security vulnerability exists in GitLab Enterprise Edition EE versions prior to 18.4.6, 18.5 through 18.5.4, and 18.6 through 18.6.2, which stems from the fact that execution of a specially crafted...

Adobe InCopy < 18.5.4 / 19.0 < 19.5.0 Arbitrary code execution (APSB24-79)

The version of Adobe InCopy installed on the remote host is prior to 18.5.4, 19.5.0. It is, therefore, affected by a vulnerability as referenced in the APSB24-79 advisory. - InCopy versions 19.4, 18.5.3 and earlier are affected by an Unrestricted Upload of File with Dangerous Type vulnerability...