Lucene search
K

1032 matches found

CNNVD
CNNVD
added 2026/04/22 12:0 a.m.12 views

GitLab CE/EE 跨站请求伪造漏洞

GitLab Enterprise Edition EE and GitLab Community Edition CE are both products of the American company GitLab. GitLab Enterprise Edition is a content management system. GitLab Community Edition is a community version of GitLab. Versions of GitLab CE/EE prior to 18.9.6, 18.10.4, and 18.11.1 had a...

8.1CVSS5.8AI score0.00178EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.13 views

PT-2026-34521

Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 18.2 through 18.9.5 GitLab CE/EE versions 18.10 through 18.10.3 GitLab CE/EE versions 18.11 through 18.11.0 Description An issue exists that could allow a user to access Virtual Registries under certain conditions by usin...

5.4CVSS5.2AI score0.00163EPSS
Exploits0References5
OSV
OSV
added 2026/04/17 12:8 a.m.8 views

BIT-GITLAB-2026-1092 Improper Validation of Specified Quantity in Input in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.10 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have allowed an unauthenticated user to cause denial of service due to improper input validation of JSON payloads...

7.5CVSS7.3AI score0.00552EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/13 12:0 a.m.9 views

PT-2026-32417

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.2 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have allowed an authenticated user with custom role permissions to demote or remove higher-privileged group members due to improper authorization...

2.7CVSS5.8AI score0.00348EPSS
Exploits0References5
EUVD
EUVD
added 2026/04/09 12:32 a.m.7 views

EUVD-2026-20789

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.10 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have allowed an unauthenticated user to cause denial of service due to improper input validation of JSON payloads...

7.5CVSS5.9AI score0.00552EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/04/08 11:16 p.m.5 views

CVE-2026-1092

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.10 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have allowed an unauthenticated user to cause denial of service due to improper input validation of JSON payloads...

7.5CVSS5.8AI score0.00552EPSS
Exploits0References4
OSV
OSV
added 2026/04/08 11:16 p.m.6 views

UBUNTU-CVE-2026-1092

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.10 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have allowed an unauthenticated user to cause denial of service due to improper input validation of JSON payloads...

7.5CVSS5.8AI score0.00552EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2026/04/08 10:26 p.m.3 views

CVE-2025-12664

Removed by vendor...

7.5CVSS7.3AI score0.00577EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/04/08 10:26 p.m.6 views

CVE-2026-1092 Improper Validation of Specified Quantity in Input in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.10 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have allowed an unauthenticated user to cause denial of service due to improper input validation of JSON payloads...

7.5CVSS5.9AI score0.00552EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/04/08 10:26 p.m.11 views

CVE-2026-1092

Removed by vendor...

7.5CVSS7.3AI score0.00552EPSS
Exploits0
Cvelist
Cvelist
added 2026/04/08 10:25 p.m.20 views

CVE-2026-5173 Exposed Dangerous Method or Function in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.9.6 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have allowed an authenticated user to invoke unintended server-side methods through websocket connections due to improper access control...

8.5CVSS0.00425EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/04/08 10:25 p.m.5 views

CVE-2026-5173

Removed by vendor...

8.5CVSS7.3AI score0.00425EPSS
Exploits0
CNNVD
CNNVD
added 2026/04/08 12:0 a.m.11 views

GitLab 安全漏洞

GitLab is an end-to-end software development platform provided by the American company GitLab. It includes built-in features such as version control, issue tracking, code review, and CI/CD Continuous Integration and Delivery. Vulnerabilities exist in versions of GitLab CE/EE before 18.8.9, 18.9.5...

7.5CVSS7.4AI score0.00577EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/08 12:0 a.m.6 views

PT-2026-31536

Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 13.0 through 18.8.8, 18.9 through 18.9.4, and 18.10 through 18.10.2 Description The software is susceptible to a denial-of-service condition triggered by repeated GraphQL queries from an unauthenticated user...

7.8CVSS5.8AI score0.00577EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2026/03/30 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2025-12576

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 9.3 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that under certain...

6.5CVSS5.9AI score0.00385EPSS
Exploits0References2
OSV
OSV
added 2026/03/27 12:11 p.m.6 views

BIT-GITLAB-2025-13078 Improper Validation of Specified Quantity in Input in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.10 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an authenticated user to cause a denial of service due to excessive resource consumption when processing certain webhook configurati...

6.5CVSS5.9AI score0.00417EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/03/26 5:1 p.m.6 views

CVE-2025-13436

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.7 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an authenticated user to cause a denial of service due to excessive resource consumption when handling certain CI-related inputs...

6.5CVSS5.8AI score0.00417EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 5:1 p.m.6 views

CVE-2025-13078

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.10 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an authenticated user to cause a denial of service due to excessive resource consumption when processing certain webhook configurati...

6.5CVSS5.8AI score0.00417EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 5:0 p.m.6 views

CVE-2026-2726

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.10 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an authenticated user to perform unauthorized actions on merge requests in other projects due to improper access control during...

4.3CVSS5.8AI score0.00194EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 5:0 p.m.10 views

CVE-2026-3857

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.10 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an unauthenticated user to execute arbitrary GraphQL mutations on behalf of authenticated users due to insufficient CSRF protection...

8.1CVSS6.1AI score0.00169EPSS
Exploits0References1
Rows per page
Query Builder