
22 matches found

Tenable Nessus
added 2026/02/12 12:0 a.m. · 5 views

GitLab 15.6 < 18.4.6 / 18.5 < 18.5.4 / 18.6 < 18.6.2 (CVE-2025-12734)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows:
- GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.6 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that could have allowed an authenticated user to, under certai...

CVSS 3.5 · AI score 5.6 · EPSS 0.00226
Exploits: 0 · References: 5

Tenable Nessus
added 2026/01/21 12:0 a.m. · 7 views

Linux Distros Unpatched Vulnerability : CVE-2025-12734

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.
- GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.6 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that could have allowe...

CVSS 3.5 · AI score 5.7 · EPSS 0.00226
Exploits: 0 · References: 2

OSV
added 2025/12/18 12:4 p.m. · 3 views

BIT-GITLAB-2025-12734 Improper Encoding or Escaping of Output in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.6 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that could have allowed an authenticated user to, under certain conditions, render content in dialogs to other users by injecting malicious HTML content into...

CVSS 3.5 · AI score 6.6 · EPSS 0.00226
Exploits: 0 · References: 4

RedhatCVE
added 2025/12/12 8:6 a.m. · 4 views

CVE-2025-12734

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.6 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that could have allowed an authenticated user to, under certain conditions, render content in dialogs to other users by injecting malicious HTML content into...

CVSS 3.5 · AI score 6.4 · EPSS 0.00226
Exploits: 0 · References: 1

NVD
added 2025/12/11 8:15 a.m. · 5 views

CVE-2025-12734

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.6 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that could have allowed an authenticated user to, under certain conditions, render content in dialogs to other users by injecting malicious HTML content into...

CVSS 3.5 · EPSS 0.00226
Exploits: 0 · References: 3

OSV
added 2025/12/11 8:15 a.m. · 2 views

UBUNTU-CVE-2025-12734

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.6 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that could have allowed an authenticated user to, under certain conditions, render content in dialogs to other users by injecting malicious HTML content into...

CVSS 3.5 · AI score 5.8 · EPSS 0.00226
Exploits: 0 · References: 2

CVE
added 2025/12/11 7:32 a.m. · 28 views

CVE-2025-12734

GitLab CVE-2025-12734 affects GitLab CE/EE prior to 18.4.6 (for 15.6 line), 18.5 prior to 18.5.4, and 18.6 prior to 18.6.2. An authenticated user could inject malicious HTML content into merge request titles to render content in dialogs for other users, enabling a content-injection vector. Affect...

CVSS 3.5 · AI score 6 · EPSS 0.00226
Exploits: 0 · References: 3 · Affected Software: 1

Cvelist
added 2025/12/11 7:32 a.m. · 25 views

CVE-2025-12734 Improper Encoding or Escaping of Output in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.6 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that could have allowed an authenticated user to, under certain conditions, render content in dialogs to other users by injecting malicious HTML content into...

CVSS 3.5 · EPSS 0.00226
Exploits: 0 · References: 3

Vulnrichment
added 2025/12/11 7:32 a.m. · 2 views

CVE-2025-12734 Improper Encoding or Escaping of Output in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.6 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that could have allowed an authenticated user to, under certain conditions, render content in dialogs to other users by injecting malicious HTML content into...

CVSS 3.5 · AI score 6 · EPSS 0.00226
Exploits: 0 · References: 3

EUVD
added 2025/12/11 7:32 a.m. · 3 views

EUVD-2025-202668

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.6 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that could have allowed an authenticated user to leak sensitive information from specifically crafted merge request titles...

CVSS 3.5 · AI score 6 · EPSS 0.00226
Exploits: 0 · References: 4

OSV
added 2025/12/11 7:32 a.m. · 2 views

CVE-2025-12734 Improper Encoding or Escaping of Output in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.6 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that could have allowed an authenticated user to, under certain conditions, render content in dialogs to other users by injecting malicious HTML content into...

CVSS 3.5 · AI score 6.3 · EPSS 0.00226
Exploits: 0 · References: 6

Positive Technologies
added 2025/12/10 12:0 a.m. · 4 views

PT-2025-50585

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 15.6 through 18.4.6; GitLab CE/EE versions 18.5 through 18.5.4; GitLab CE/EE versions 18.6 through 18.6.2. Description: GitLab has addressed an issue that could allow an authenticated user to reveal sensitive information...

CVSS 4 · AI score 6.1 · EPSS 0.00226
Exploits: 0 · References: 9

OSV
added 2024/06/27 12:15 a.m. · 4 views

UBUNTU-CVE-2024-2191

An issue was discovered in GitLab CE/EE affecting all versions starting from 16.9 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows merge request title to be visible publicly despite being set as project members only...

CVSS 5.3 · AI score 5.8 · EPSS 0.00432
Exploits: 0 · References: 4

CNNVD
added 2023/07/21 12:0 a.m. · 11 views

GitLab Information Disclosure Vulnerability

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery, and other features. A security vulnerability exists in GitLab EE version 16.0 up to and including...

CVSS 5.3 · AI score 5.6 · EPSS 0.00583
Exploits: 0 · References: 4

ATTACKERKB
added 2022/01/18 5:15 p.m. · 6 views

CVE-2022-0172

An issue has been discovered in GitLab CE/EE affecting all versions starting with 12.3. Under certain conditions it was possible to bypass the IP restriction for public projects through GraphQL allowing unauthorised users to read titles of issues, merge requests and milestones...

CVSS 6.5 · AI score 6.4 · EPSS 0.00765
Exploits: 0 · References: 3 · Affected Software: 1

OSV
added 2022/01/18 5:15 p.m. · 1 view

UBUNTU-CVE-2022-0172

An issue has been discovered in GitLab CE/EE affecting all versions starting with 12.3. Under certain conditions it was possible to bypass the IP restriction for public projects through GraphQL allowing unauthorised users to read titles of issues, merge requests and milestones...

CVSS 6.5 · AI score 5.7 · EPSS 0.00765
Exploits: 0 · References: 4

Positive Technologies
added 2022/01/18 12:0 a.m. · 4 views

PT-2022-13008 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 12.3 and later. Description: An issue has been discovered in GitLab CE/EE, where under certain conditions, it was possible to bypass the IP restriction for public projects through GraphQL. This allowed unauthorized users ...

CVSS 6.5 · AI score 6 · EPSS 0.00765
Exploits: 0 · References: 10

NVD
added 2020/03/13 5:15 p.m. · 18 views

CVE-2020-10085

GitLab 12.3.5 through 12.8.1 allows Information Disclosure. A particular view was exposing merge private merge request titles...

CVSS 5.3 · AI score 5.1 · EPSS 0.00929
Exploits: 0 · References: 2

Debian CVE
added 2020/03/13 4:44 p.m. · 24 views

CVE-2020-10085

Removed by vendor...

CVSS 5.3 · AI score 6 · EPSS 0.00929
Exploits: 0

OSV
added 2019/09/09 8:15 p.m. · 12 views

CVE-2019-6997

An issue was discovered in GitLab Community and Enterprise Edition 10.x starting in 10.7 and 11.x before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. It has Incorrect Access Control. System notes contain an access control issue that permits a guest user to view merge request titles...

CVSS 4.3 · AI score 6.4
Exploits: 0 · References: 2