Linux Distros Unpatched Vulnerability : CVE-2025-0186
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 10.6 before 18.9.6, 18.10 before 18.10.4, and 18.11 before 18.11.1 that could have...
EUVD-2026-8723
GitLab has remediated an issue in GitLab CE/EE affecting versions from 18.9 before 18.9.1 that could have, under certain conditions, allowed an unauthenticated user to cause denial of service by sending specially crafted requests to a CI jobs API endpoint...
EUVD-2025-202661
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 6.3 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that could have allowed an authenticated user to cause a Denial of Service condition by sending crafted API calls with large content parameters...
EUVD-2019-6552
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2024-5469
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - DoS in KAS in GitLab CE/EE affecting all versions from 16.10.0 prior to 16.10.6 and 16.11.0 prior to 16.11.3 allows an attacker to crash KAS via crafted gRPC...
Linux Distros Unpatched Vulnerability : CVE-2023-6386
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - A denial of service vulnerability was identified in GitLab CE/EE, affecting all versions from 15.11 prior to 16.6.7, 16.7 prior to 16.7.5 and 16.8 prior to 16.8...
CVE-2025-2614 Allocation of Resources Without Limits or Throttling in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions from 11.6 before 18.0.6, 18.1 before 18.1.4, and 18.2 before 18.2.2 that could have allowed an authenticated user to cause a denial of service condition by creating specially crafted content that consumes excessive server resourc...
CVE-2024-4025 Inefficient Regular Expression Complexity in GitLab
A Denial of Service (DoS) condition has been discovered in GitLab CE/EE affecting all versions from 7.10 before 16.11.5, version 17.0 before 17.0.3, and 17.1 before 17.1.1. It is possible for an attacker to cause a denial of service using a crafted markdown page...
CVE-2025-1516 Allocation of Resources Without Limits or Throttling in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions from 8.7 before 17.10.8, 17.11 before 17.11.4, and 18.0 before 18.0.2. Improper input validation in Tokens Names could be used to trigger a denial of service...
CVE-2025-5996
CVE-2025-5996 describes a denial-of-service issue in GitLab CE/EE across multiple versions (2.1.0–17.10.7, 17.11.0–17.11.3, 18.0.0–18.0.1) caused by insufficient input validation in HTTP responses. An authenticated user can trigger DoS, with CVSS 3.1: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (base sco...
CVE-2024-1947
A denial of service (DoS) condition was discovered in GitLab CE/EE affecting all versions from 13.2.4 before 16.10.6, 16.11 before 16.11.3, and 17.0 before 17.0.1. By leveraging this vulnerability an attacker could create a DoS condition by sending crafted API calls...
FreeBSD : Gitlab -- vulnerabilities (a1a1b0c2-3791-11f0-8600-2cf05da270f3)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the a1a1b0c2-3791-11f0-8600-2cf05da270f3 advisory. Gitlab reports: Unprotected large blob endpoint in GitLab allows Denial of Service Improper...
CVE-2022-3514
An issue has been discovered in GitLab CE/EE affecting all versions starting from 6.6 before 15.5.7, all versions starting from 15.6 before 15.6.4, all versions starting from 15.7 before 15.7.2. An attacker may cause Denial of Service on a GitLab instance by exploiting a regex issue in the...
CVE-2021-39942
A denial of service vulnerability in GitLab CE/EE affecting all versions starting from 12.0 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2, allows low-privileged users to bypass file size limits in the NPM package repository to...
CVE-2025-1677
A Denial of Service (DoS) issue has been discovered in GitLab CE/EE affecting all versions up to 17.8.7, 17.9 prior to 17.9.6 and 17.10 prior to 17.10.4. A denial of service could occur upon injecting oversized payloads into CI pipeline exports...
FreeBSD : Gitlab -- Vulnerabilities (ed602f8b-15c2-11f0-b4e4-2cf05da270f3)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the ed602f8b-15c2-11f0-b4e4-2cf05da270f3 advisory. Gitlab reports: Denial of service via CI pipelines Unintentionally authorizing sensitive actio...
CVE-2024-12379
CVE-2024-12379 is a denial-of-service issue in GitLab CE/EE where an attacker can cause unbounded symbol creation via the scopes parameter in a Personal Access Token, impacting availability. Affected versions run from 14.1 up to 17.6.5, 17.7 up to 17.7.4, and 17.8 up to 17.8.2. The root cause is ...
UBUNTU-CVE-2025-1072
A Denial of Service (DoS) issue has been discovered in GitLab CE/EE affecting all versions starting from 7.14.1 prior to 17.3.7, 17.4 prior to 17.4.4, and 17.5 prior to 17.5.2. A denial of service could occur upon importing maliciously crafted content using the Fogbugz importer...
CVE-2024-6324
GitLab CE/EE is affected by CVE-2024-6324 across all versions: 15.7 up to 17.5.5, 17.6 up to 17.6.3, and 17.7 up to 17.7.1. The issue allows DoS by triggering cyclic references between epics, leading to resource exhaustion. The connected OSV/NVD entries confirm the DoS impact and indicate a patch...
CVE-2024-9367
CVE-2024-9367 affects GitLab CE/EE: all versions starting from 13.9 before 17.4.6, 17.5 before 17.5.4, and 17.6 before 17.6.2. It allows an attacker to trigger uncontrolled CPU consumption while parsing changelog templates, potentially causing a Denial of Service (DoS). Connected documents confir...