Lucene search
K

1112 matches found

CVE
CVE
added 2026/05/14 5:38 a.m.23 views

CVE-2025-14869

GitLab CVE-2025-14869 affects GitLab CE/EE versions 18.5–before 18.9.7, 18.10–before 18.10.6, and 18.11–before 18.11.3. It could allow an unauthenticated attacker to cause a denial of service by sending specially crafted payloads to certain API endpoints. CVSSv3.1 base score 7.5 (HIGH), with NETW...

7.5CVSS5.8AI score0.00354EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2026/05/14 5:37 a.m.13 views

CVE-2025-14870

Removed by vendor...

7.5CVSS5.8AI score0.00339EPSS
Exploits0
EUVD
EUVD
added 2026/05/14 5:36 a.m.17 views

EUVD-2026-30224

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.6 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user with developer-role permissions to bypass PyPI package protection rules and upload restricted packages due to...

4.3CVSS5.8AI score0.00218EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/05/14 5:36 a.m.12 views

CVE-2026-3073 Authorization Bypass Through User-Controlled Key in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.6 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user with developer-role permissions to bypass PyPI package protection rules and upload restricted packages due to...

4.3CVSS5.8AI score0.00218EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/14 5:36 a.m.10 views

EUVD-2026-30225

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.7 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an unauthenticated user to download private debugging symbols from inaccessible projects due to improper access control...

4.3CVSS5.8AI score0.00199EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/05/14 5:35 a.m.10 views

CVE-2026-3160 Unintended Proxy or Intermediary ('Confused Deputy') in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.7 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user to view Jira issues outside the configured project scope due to an integration filter functioning only as a...

5.8CVSS5.8AI score0.00224EPSS
Exploits0References3
CVE
CVE
added 2026/05/14 5:35 a.m.46 views

CVE-2026-3607

GitLab CE/EE is affected across versions 18.3–18.11 prior to the fixed releases (18.9.7, 18.10.6, and 18.11.3). An authenticated user with developer-role permissions could bypass package protection rules due to improper access control. The issue has a CVSS v3.1 base score of 4.3 (Medium), with ne...

4.3CVSS5.8AI score0.00228EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/05/14 5:35 a.m.38 views

CVE-2026-3607 Access Control Check Implemented After Asset is Accessed in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.3 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user with developer-role permissions to bypass package protection rules due to improper access control...

4.3CVSS0.00228EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/05/14 5:33 a.m.7 views

CVE-2026-6335

Removed by vendor...

5.4CVSS5.8AI score0.00192EPSS
Exploits0
EUVD
EUVD
added 2026/05/14 5:33 a.m.14 views

EUVD-2026-30243

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 8.3 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user to cause denial of service through excessive memory consumption due to improper input validation...

6.5CVSS5.8AI score0.00295EPSS
Exploits0References3
CVE
CVE
added 2026/05/14 5:33 a.m.21 views

CVE-2026-8280

CVE-2026-8280 affects GitLab CE/EE with all versions 8.3–18.11 before patched; the issue allows an authenticated user to cause a denial of service via excessive memory consumption caused by improper input validation. Affected versions require remediation: GitLab 18.9.7 (for 18.9.x branch), 18.10....

6.5CVSS5.8AI score0.00295EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2026/05/14 5:33 a.m.7 views

CVE-2026-8280

Removed by vendor...

6.5CVSS5.8AI score0.00295EPSS
Exploits0
EUVD
EUVD
added 2026/05/14 5:33 a.m.18 views

EUVD-2026-30241

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.1 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user with project membership to enumerate private group members due to missing authorization checks...

4.3CVSS5.8AI score0.00172EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/05/14 5:33 a.m.7 views

CVE-2026-8144

Removed by vendor...

4.3CVSS5.8AI score0.00172EPSS
Exploits0
CNNVD
CNNVD
added 2026/05/14 12:0 a.m.10 views

GitLab Enterprise Edition(EE)和GitLab Community Edition(CE) 安全漏洞

GitLab Enterprise Edition EE and GitLab Community Edition CE are both products of the American company GitLab. GitLab Enterprise Edition is a content management system. GitLab Community Edition is a community version of GitLab. Versions of GitLab CE/EE prior to 18.9.7, 18.10.6, and 18.11.3...

6.5CVSS5.8AI score0.00295EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.17 views

PT-2026-40855

Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 18.5 through 18.9.6 GitLab CE/EE versions 18.10 through 18.10.5 GitLab CE/EE versions 18.11 through 18.11.2 Description An issue exists where an unauthenticated user can cause a denial of service by sending specially...

7.5CVSS5.8AI score0.00339EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/05/14 12:0 a.m.9 views

GitLab Enterprise Edition(EE)和GitLab Community Edition(CE) 安全漏洞

GitLab Enterprise Edition EE and GitLab Community Edition CE are products of the American company GitLab. GitLab Enterprise Edition is a content management system. GitLab Community Edition is a community version of GitLab. There were security vulnerabilities in versions of GitLab CE/EE between 18...

7.5CVSS5.8AI score0.00339EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.9 views

PT-2026-40854

Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 18.5 through 18.9.6 GitLab CE/EE versions 18.10 through 18.10.5 GitLab CE/EE versions 18.11 through 18.11.2 Description An issue exists where an unauthenticated user can cause a denial of service by sending specially...

7.5CVSS5.8AI score0.00354EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/05/14 12:0 a.m.13 views

GitLab Enterprise Edition(EE)和GitLab Community Edition(CE) 安全漏洞

GitLab Enterprise Edition EE and GitLab Community Edition CE are products of the American company GitLab. GitLab Enterprise Edition is a content management system. GitLab Community Edition is a community version of GitLab. There were security vulnerabilities in versions of GitLab CE/EE from 15.1 ...

4.3CVSS5.8AI score0.00193EPSS
Exploits0References1
Chainguard
Chainguard
added 2026/05/08 1:17 p.m.11 views

GHSA-V2FC-QM4H-8HQV vulnerabilities

Vulnerabilities for packages: gitlab-rails-ce, kube-logging-operator, pact-broker-docker-fips, gitlab-rails-ce-fips, ruby4.0-rails, ruby3.4-rails, ruby3.2-rails, pact-broker-docker, ruby3.3-rails...

5.9AI score
Exploits0
Rows per page
Query Builder