2 matches found
CVE-2025-7691 Privilege Defined With Unsafe Actions in GitLab
A privilege escalation issue has been discovered in GitLab EE affecting all versions from 16.6 prior to 18.2.7, 18.3 prior to 18.3.3, and 18.4 prior to 18.4.1 that could have allowed a developer with specific group management permissions to escalate their privileges and obtain unauthorized access...
CVE-2025-10858
GitLab CE/EE vulnerable to unauthenticated DoS when uploading specially crafted large JSON files. Affected branches: all versions before 18.2.7, 18.3 before 18.3.3, and 18.4 before 18.4.1. Impact is Denial of Service (availability impact). CVSS 3.1 base score 7.5 (HIGH) with network attack vector...