20 matches found
Linux Distros Unpatched Vulnerability : CVE-2025-13690
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.11 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allow...
Linux Distros Unpatched Vulnerability : CVE-2026-1182
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 8.14 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowe...
BIT-GITLAB-2026-1069 Uncontrolled Recursion in GitLab
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.9 before 18.9.2 that could have allowed an unauthenticated user to cause a denial of service by sending specially crafted GraphQL requests due to uncontrolled recursion under certain circumstances...
BIT-GITLAB-2025-12555 Incorrect Authorization in GitLab
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.1 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that, under certain conditions, could have allowed an authenticated user to access previous pipeline job information on projects with repository and CI/CD...
GitLab Enterprise Edition(EE)和GitLab Community Edition(CE) 安全漏洞
GitLab Enterprise Edition EE and GitLab Community Edition CE are products of the American company GitLab. GitLab Enterprise Edition is a content management system. GitLab Community Edition is a community version of GitLab. There were security vulnerabilities in versions prior to 18.7.6, 18.8.6, a...
EUVD-2026-11186
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 14.4 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user with group import permissions to create labels in private projects due to improper authorization validation in th...
EUVD-2026-11178
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.9 before 18.9.2 that could have allowed an unauthenticated user to cause a denial of service by sending specially crafted GraphQL requests due to uncontrolled recursion under certain circumstances...
UBUNTU-CVE-2026-1230
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 1.0 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user to cause repository downloads to contain different code than displayed in the web interface due to incorrect...
CVE-2025-12704
Removed by vendor...
CVE-2025-13690
GitLab CE/EE versions with affected ranges are vulnerable to a DoS due to improper input validation on webhook header names when the user is authenticated. Specifically, all 16.11.x prior to 18.7.6, all 18.8.x prior to 18.8.6, and all 18.9.x prior to 18.9.2 are impacted. The issue is mitigated by...
CVE-2025-14513
Summary: CVE-2025-14513 affects GitLab CE/EE. Versions affected: 16.11 prior to 18.7.6, 18.8 prior to 18.8.6, and 18.9 prior to 18.9.2. Root cause: improper input validation when processing specially crafted JSON payloads in the protected branches API, allowing an unauthenticated user to cause a ...
CVE-2026-0602
Removed by vendor...
CVE-2026-0602
GitLab CE/EE contains a vulnerability (CVE-2026-0602) where an authenticated user could disclose metadata from private issues, merge requests, epics, milestones, or commits due to improper filtering in the snippet rendering process. Affected versions are 15.6 up to but not including 18.7.6, 18.7....
CVE-2026-1069 Uncontrolled Recursion in GitLab
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.9 before 18.9.2 that could have allowed an unauthenticated user to cause a denial of service by sending specially crafted GraphQL requests due to uncontrolled recursion under certain circumstances...
PT-2026-24712
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.9 before 18.9.2 that could have allowed an unauthenticated user to cause a denial of service by sending specially crafted GraphQL requests due to uncontrolled recursion under certain circumstances...
GitLab 安全漏洞
GitLab is an end-to-end software development platform provided by the American company GitLab. It includes built-in features such as version control, issue tracking, code review, and CI/CD Continuous Integration and Delivery. There were security vulnerabilities in versions of GitLab CE and EE...
GitLab Enterprise Edition(EE)和GitLab Community Edition(CE) 安全漏洞
GitLab Enterprise Edition EE and GitLab Community Edition CE are both products of the American company GitLab. GitLab Enterprise Edition is a content management system. GitLab Community Edition is a community version of GitLab. There were security vulnerabilities in versions prior to 18.7.6,...
GitLab Enterprise Edition(EE)和GitLab Community Edition(CE) 安全漏洞
GitLab Enterprise Edition EE and GitLab Community Edition CE are both products of the American company GitLab. GitLab Enterprise Edition is a content management system. GitLab Community Edition is a community version of GitLab. Both GitLab Enterprise Edition EE and GitLab Community Edition CE had...
GitLab 12.6 < 18.7.6 / 18.8 < 18.8.6 / 18.9 < 18.9.2 (CVE-2026-1732)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.6 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user to disclose...
GitLab 18.9 < 18.9.2 (CVE-2026-1069)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.9 before 18.9.2... CVE-2026-1069 Note that Nessus has not tested for this issue but has instead relied only on the...