Lucene search
K

505 matches found

UbuntuCve
UbuntuCve
added 2026/05/14 6:16 a.m.7 views

CVE-2026-6883

GitLab has remediated an issue in GitLab EE affecting all versions from 15.7 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user to bypass merge request approval requirements due to improper cleanup of orphaned policy records...

4.3CVSS5.8AI score0.00146EPSS
Exploits0References3
CVE
CVE
added 2026/05/14 5:33 a.m.32 views

CVE-2026-6883

GitLab CVE-2026-6883 affects GitLab Enterprise Edition (EE) across multiple tracked versions prior to patch levels: 15.7–before 18.9.7, 18.10–before 18.10.6, and 18.11–before 18.11.3. The root cause is improper cleanup of orphaned policy records, allowing an authenticated user to bypass merge req...

4.3CVSS5.8AI score0.00146EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/14 5:33 a.m.10 views

CVE-2026-6883 Missing Authorization in GitLab

GitLab has remediated an issue in GitLab EE affecting all versions from 15.7 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user to bypass merge request approval requirements due to improper cleanup of orphaned policy records...

2.6CVSS5.8AI score0.00146EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/14 5:33 a.m.37 views

CVE-2026-6883 Missing Authorization in GitLab

GitLab has remediated an issue in GitLab EE affecting all versions from 15.7 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user to bypass merge request approval requirements due to improper cleanup of orphaned policy records...

2.6CVSS0.00146EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/14 5:33 a.m.5 views

CVE-2026-6883

GitLab has remediated an issue in GitLab EE affecting all versions from 15.7 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user to bypass merge request approval requirements due to improper cleanup of orphaned policy records...

2.6CVSS5.8AI score0.00146EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2026/05/14 5:33 a.m.7 views

EUVD-2026-30237

GitLab has remediated an issue in GitLab EE affecting all versions from 15.7 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user to bypass merge request approval requirements due to improper cleanup of orphaned policy records...

2.6CVSS5.8AI score0.00146EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.9 views

PT-2026-40875

Name of the Vulnerable Software and Affected Versions GitLab EE versions 15.7 through 18.9.6 GitLab EE versions 18.10 through 18.10.5 GitLab EE versions 18.11 through 18.11.2 Description An issue exists where an authenticated user can bypass merge request approval requirements. This occurs due to...

4.3CVSS5.7AI score0.00146EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/14 12:0 a.m.8 views

GitLab 安全漏洞

GitLab is an end-to-end software development platform provided by the American company GitLab. It includes built-in features such as version control, issue tracking, code review, and CI/CD continuous integration and delivery. There were security vulnerabilities in versions prior to GitLab EE...

4.3CVSS5.9AI score0.00146EPSS
Exploits0References1
OSV
OSV
added 2026/05/04 10:28 p.m.6 views

GHSA-G27R-R6PH-VF5R sequoia-git has broken hard revocation handling

Before sq-git checks if a commit can be authenticated, it first looks for hard revocations. Because parsing a policy is expensive and a project's policy rarely changes, sq-git has an optimization to only check a policy if it hasn't checked it before. It does this by maintaining a set of policies...

1.8CVSS5.8AI score
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/05/04 10:28 p.m.11 views

sequoia-git has broken hard revocation handling

Before sq-git checks if a commit can be authenticated, it first looks for hard revocations. Because parsing a policy is expensive and a project's policy rarely changes, sq-git has an optimization to only check a policy if it hasn't checked it before. It does this by maintaining a set of policies...

5.8AI score
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/04 12:0 a.m.11 views

PT-2026-37357

Before sq-git checks if a commit can be authenticated, it first looks for hard revocations. Because parsing a policy is expensive and a project's policy rarely changes, sq-git has an optimization to only check a policy if it hasn't checked it before. It does this by maintaining a set of policies...

1.8CVSS5.8AI score
Exploits0References4
OSV
OSV
added 2026/04/21 12:0 p.m.7 views

RUSTSEC-2026-0109 Broken hard revocation handling

Before sq-git checks if a commit can be authenticated, it first looks for hard revocations. Because parsing a policy is expensive and a project's policy rarely changes, sq-git has an optimization to only check a policy if it hasn't checked it before. It does this by maintaining a set of policies...

1.8CVSS5.5AI score
Exploits0References3
RustSec
RustSec
added 2026/04/21 12:0 p.m.11 views

Broken hard revocation handling

Before sq-git checks if a commit can be authenticated, it first looks for hard revocations. Because parsing a policy is expensive and a project's policy rarely changes, sq-git has an optimization to only check a policy if it hasn't checked it before. It does this by maintaining a set of policies...

5.4AI score
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/04/14 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2026-2726

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.10 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have...

4.3CVSS5.9AI score0.00194EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.11 views

GitLab Enterprise Edition(EE)和GitLab Community Edition(CE) 安全漏洞

GitLab Enterprise Edition EE and GitLab Community Edition CE are both products of the American company GitLab. GitLab Enterprise Edition is a content management system. GitLab Community Edition is a community version of GitLab. Versions of GitLab CE/EE prior to 18.8.7, 18.9.3, and 18.10.1 contain...

4.3CVSS5.8AI score0.00194EPSS
Exploits0References4
OSV
OSV
added 2026/03/02 9:8 a.m.6 views

BIT-GITLAB-2026-1388 Inefficient Regular Expression Complexity in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 9.2 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that could have allowed an unauthenticated user to cause regular expression denial of service by sending specially crafted input to a merge request endpoint und...

7.5CVSS6AI score0.00357EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/02/26 10:34 p.m.5 views

CVE-2026-1388

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 9.2 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that could have allowed an unauthenticated user to cause regular expression denial of service by sending specially crafted input to a merge request endpoint und...

7.5CVSS5.4AI score0.00357EPSS
Exploits0References1
EUVD
EUVD
added 2026/02/25 9:31 p.m.7 views

EUVD-2026-8721

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 9.2 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that could have allowed an unauthenticated user to cause regular expression denial of service by sending specially crafted input to a merge request endpoint und...

7.5CVSS5.4AI score0.00357EPSS
Exploits0References4
NVD
NVD
added 2026/02/25 9:16 p.m.9 views

CVE-2026-1388

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 9.2 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that could have allowed an unauthenticated user to cause regular expression denial of service by sending specially crafted input to a merge request endpoint und...

7.5CVSS0.00357EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/02/25 9:16 p.m.5 views

CVE-2026-1388

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 9.2 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that could have allowed an unauthenticated user to cause regular expression denial of service by sending specially crafted input to a merge request endpoint und...

7.5CVSS5.9AI score0.00357EPSS
Exploits0References4
Rows per page
Query Builder