4 matches found
CVE-2026-5952
GitLab CE/EE vulnerability CVE-2026-5952 affected all versions prior to 18.11.6 (from 17.11), 19.0 prior to 19.0.3, and 19.1 prior to 19.1.1. An authenticated user with developer-role permissions could bypass package protection rules and overwrite protected Maven package metadata due to incorrect...
CVE-2026-1747
Removed by vendor...
CVE-2026-1747 Authentication Bypass Using an Alternate Path or Channel in GitLab
GitLab has remediated an issue in GitLab EE affecting all versions from 17.11 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that, under certain conditions, could have allowed Developer-role users with insufficient privileges to make unauthorized modifications to protected Conan packag...
PT-2026-21997
Name of the Vulnerable Software and Affected Versions GitLab EE versions 17.11 through 18.7.4 GitLab EE versions 18.8 through 18.8.4 GitLab EE versions 18.9 through 18.9.0 Description A flaw existed in GitLab EE that, under specific circumstances, could have allowed Developer-role users with...