Lucene search
+L

629 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 2:5 a.m.9 views

CVE-2023-6159

An issue has been discovered in GitLab CE/EE affecting all versions from 12.7 prior to 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1 It was possible for an attacker to trigger a Regular Expression Denial of Service via a Cargo.toml containing maliciously crafted input...

6.5CVSS6.4AI score0.00995EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/05/23 12:0 a.m.12 views

PT-2025-22667 · Gitlab +1 · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 11.6 through 17.10.6 GitLab CE/EE versions 17.11 through 17.11.2 GitLab CE/EE versions 18.0 through 18.0.0 Description: An issue has been discovered in GitLab CE/EE that may cause a Denial of Service DoS when using a...

6.5CVSS5.9AI score0.00451EPSS
Exploits0References10
RedhatCVE
RedhatCVE
added 2025/05/22 11:29 p.m.7 views

CVE-2022-1189

An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.2 before 14.7.7, all versions starting from 14.8 before 14.8.5, all versions starting from 14.9 before 14.9.2 that allowed for an unauthorised user to read the the approval rules of a private project...

4.3CVSS6.7AI score0.00693EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:5 p.m.8 views

CVE-2022-1174

A potential DoS vulnerability was discovered in Gitlab CE/EE versions 13.7 before 14.7.7, all versions starting from 14.8 before 14.8.5, all versions starting from 14.9 before 14.9.2 allowed an attacker to trigger high CPU usage via a special crafted input added in Issues, Merge requests,...

7.5CVSS6.5AI score0.01442EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:47 p.m.5 views

CVE-2021-22177

Potential DoS was identified in gitlab-shell in GitLab CE/EE version 12.6.0 or above, which allows an attacker to spike the server resource utilization via gitlab-shell command...

4.3CVSS7AI score0.01206EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/05/22 12:0 a.m.8 views

PT-2025-22479 · Gitlab · Gitlab Ce/Ee

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions prior to 17.10.7 GitLab CE/EE version 17.11 prior to 17.11.3 GitLab CE/EE version 18.0 prior to 18.0.1 Description: An issue has been discovered in GitLab CE/EE that allows an attacker to reveal masked or hidden CI...

7.5CVSS5.8AI score0.00387EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2025/05/22 12:0 a.m.5 views

PT-2025-22489 · Gitlab · Gitlab Ce/Ee

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 17.1 through 17.10.6 GitLab CE/EE versions 17.11 through 17.11.2 GitLab CE/EE versions 18.0 through 18.0.0 Description: An issue has been discovered in GitLab CE/EE where under certain conditions, unauthorized users can...

4.3CVSS5.9AI score0.0029EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2025/05/22 12:0 a.m.6 views

PT-2025-22488 · Gitlab · Gitlab Ce/Ee

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 16.8 through 17.10.6 GitLab CE/EE versions 17.11 through 17.11.2 GitLab CE/EE versions 18.0 through 18.0.0 Description: An issue has been discovered in GitLab CE/EE, where group access controls could allow certain users ...

4.6CVSS6.3AI score0.00268EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2025/05/22 12:0 a.m.6 views

PT-2025-22486 · Gitlab · Gitlab Ce/Ee

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 11.1 through 17.10.6 GitLab CE/EE versions 17.11 through 17.11.2 GitLab CE/EE versions 18.0 through 18.0.0 Description: An issue has been discovered in GitLab CE/EE, where improper XPath validation allows a modified SAML...

6.8CVSS6AI score0.00414EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2025/05/22 12:0 a.m.12 views

PT-2025-22482 · Gitlab · Gitlab Ce/Ee

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 18.0 through 18.0.0 Description: An issue has been discovered in GitLab CE/EE where a user with limited permissions could access Job Data via a crafted GraphQL query in certain circumstances. Recommendations: For GitLab...

4.3CVSS5.8AI score0.00281EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2025/05/21 12:0 a.m.9 views

PT-2025-22477 · Gitlab · Gitlab Ce/Ee

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 10.2 through 17.10.6 GitLab CE/EE versions 17.11 through 17.11.2 GitLab CE/EE versions 18.0 through 18.0.0 Description: An issue has been discovered in GitLab CE/EE due to a lack of input validation in the Kubernetes...

6.8CVSS5.9AI score0.00409EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2025/05/21 12:0 a.m.12 views

PT-2025-22459 · Gitlab · Gitlab Ce/Ee

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions prior to 17.10.7 GitLab CE/EE version 17.11 prior to 17.11.3 GitLab CE/EE version 18.0 prior to 18.0.1 Description: An issue has been discovered in GitLab CE/EE that could allow an authenticated attacker to cause a denia...

7.8CVSS9.2AI score0.00484EPSS
Exploits0References20
Positive Technologies
Positive Technologies
added 2025/05/07 12:0 a.m.11 views

PT-2025-20572 · Gitlab · Gitlab Ce/Ee

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 17.3 through 17.9.7 GitLab CE/EE versions 17.10 through 17.10.5 GitLab CE/EE versions 17.11 through 17.11.1 Description: An issue has been discovered in GitLab CE/EE that allows attackers to bypass Device OAuth flow...

7.1CVSS6AI score0.0033EPSS
Exploits1References12
Positive Technologies
Positive Technologies
added 2025/05/07 12:0 a.m.10 views

PT-2025-20571 · Gitlab · Gitlab Ce/Ee

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 17.1 through 17.9.7 GitLab CE/EE versions 17.10 through 17.10.5 GitLab CE/EE versions 17.11 through 17.11.1 Description: An issue has been discovered in GitLab CE/EE that could cause a Denial of Service DoS condition. Th...

7.5CVSS6.1AI score0.00333EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2025/05/07 12:0 a.m.9 views

PT-2025-20573 · Gitlab · Gitlab Ce/Ee

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 12.0 through 17.9.7 GitLab CE/EE versions 17.10 through 17.10.5 GitLab CE/EE versions 17.11 through 17.11.1 Description: An issue has been discovered in GitLab CE/EE that allows users to bypass IP access restrictions and...

7.5CVSS5.6AI score0.003EPSS
Exploits0References13
Positive Technologies
Positive Technologies
added 2025/04/23 12:0 a.m.8 views

PT-2025-17705 · Gitlab · Gitlab Ce/Ee

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 16.7 through 17.9.7 GitLab CE/EE versions 17.10 through 17.10.5 GitLab CE/EE versions 17.11 through 17.11.1 Description: An issue has been discovered affecting service availability via issue preview in GitLab CE/EE. The...

7.5CVSS6.1AI score0.00422EPSS
Exploits0References15
Positive Technologies
Positive Technologies
added 2025/04/10 12:0 a.m.7 views

PT-2025-15975 · Gitlab · Gitlab Ce/Ee

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 17.8.7 and earlier, versions 17.9 prior to 17.9.6, and versions 17.10 prior to 17.10.4. Description: A denial of service DoS issue exists in GitLab CE/EE. The issue occurs when oversized payloads are injected into CI...

7.5CVSS6AI score0.0038EPSS
Exploits0References16
Positive Technologies
Positive Technologies
added 2025/03/28 12:0 a.m.9 views

PT-2025-33050 · Gitlab · Gitlab Ce/Ee

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 13.2 through 18.0.5 GitLab CE/EE versions 18.1 through 18.1.3 GitLab CE/EE versions 18.2 through 18.2.1 Description: An issue exists in GitLab CE/EE that allows authenticated users to create a denial of service condition...

6.8CVSS5.9AI score0.00361EPSS
Exploits0References12
NVD
NVD
added 2025/03/27 1:15 p.m.21 views

CVE-2025-0811

An issue has been discovered in GitLab CE/EE affecting all versions from 17.7 before 17.8.6, 17.9 before 17.9.3, and 17.10 before 17.10.1. Improper rendering of certain file types leads to cross-site scripting...

8.7CVSS0.0028EPSS
Exploits1References2
OSV
OSV
added 2025/03/27 12:31 p.m.15 views

CVE-2025-0811 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions from 17.7 before 17.8.6, 17.9 before 17.9.3, and 17.10 before 17.10.1. Improper rendering of certain file types leads to cross-site scripting...

8.7CVSS5AI score0.0028EPSS
Exploits1References5
Rows per page
Query Builder