CVE-2025-11340 Incorrect Authorization in GitLab

GitLab has remediated an issue in GitLab EE affecting all versions from 18.3 to 18.3.4, 18.4 to 18.4.2 that, under certain conditions, could have allowed authenticated users with read-only API tokens to perform unauthorized write operations on vulnerability records by exploiting incorrectly scope...

EUVD-2025-33333

GitLab has remediated an issue in GitLab EE affecting all versions from 18.3 to 18.3.4, 18.4 to 18.4.2 that, under certain conditions, could have allowed authenticated users with read-only API tokens to perform unauthorized write operations on vulnerability records by exploiting incorrectly scope...

CVE-2025-11340

GitLab EE CVE-2025-11340 affects all versions 18.3–18.3.4 and 18.4–18.4.2. The root cause is incorrectly scoped GraphQL mutations that could allow authenticated users with read-only API tokens to perform unauthorized writes to vulnerability records. A patch is available in GitLab EE 18.4.2 (relea...

CVE-2025-11340 Incorrect Authorization in GitLab

GitLab has remediated an issue in GitLab EE affecting all versions from 18.3 to 18.3.4, 18.4 to 18.4.2 that, under certain conditions, could have allowed authenticated users with read-only API tokens to perform unauthorized write operations on vulnerability records by exploiting incorrectly scope...

CVE-2025-11340

Removed by vendor...

GitLab 安全漏洞

GitLab is an open source, end-to-end software development platform from GitLab, Inc. in the United States, with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery, and other features. A security vulnerability exists in GitLab CE and EE...

GitLab Enterprise Edition 安全漏洞

GitLab Enterprise Edition EE is a content management system from GitLab, Inc. in the United States. A security vulnerability exists in GitLab Enterprise Edition EE versions 18.3 through 18.3.4 and 18.4 through 18.4.2, which stems from an incorrect GraphQL mutation range that could cause an...

PT-2025-41490

Name of the Vulnerable Software and Affected Versions BigBlueButton versions prior to 3.0.13 Description BigBlueButton is an open-source virtual classroom. A denial-of-service DoS condition exists in versions prior to 3.0.13. An authenticated user can disrupt chat functionality for all meeting...

GitLab 13.12 < 18.2.8 / 18.3 < 18.3.4 / 18.4 < 18.4.2 (CVE-2025-10004)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.12 to 18.2.8, 18.3 to 18.3.4, and 18.4 to 18.4.2 that could make the GitLab instance unresponsive or severely degraded by...

Gitlab -- vulnerabilities

Gitlab reports: Incorrect authorization issue in GraphQL mutations impacts GitLab EE Denial of Service issue in GraphQL blob type impacts GitLab CE/EE Missing authorization issue in manual jobs impacts GitLab CE/EE Denial of Service issue in webhook endpoints impacts GitLab CE/EE...

EUVD-2019-6544

Malware in sbrugna...

EUVD-2020-5577

Malware in sbrugna...

EUVD-2021-22677

Malware in sbrugna...

EUVD-2019-2040

Malware in sbrugna...

EUVD-2021-2420

Malware in sbrugna...

EUVD-2021-2300

Malware in sbrugna...

EUVD-2021-0518

Malware in sbrugna...

EUVD-2021-2253

Malware in sbrugna...

EUVD-2021-26260

Malware in sbrugna...

EUVD-2020-5594

Malware in sbrugna...