77 matches found
FreeBSD : Gitlab -- Vulnerabilities (ee1e7aef-7117-11f1-873f-2cf05da270f3)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the ee1e7aef-7117-11f1-873f-2cf05da270f3 advisory. Gitlab reports: Cross-site Scripting issue in Analytics Dashboard impacts GitLab EE Cross-site...
CVE-2026-5309
GitLab has remediated an issue in GitLab EE affecting all versions from 18.6 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an authenticated user to read or modify another group's virtual registry cleanup policy settings without...
CVE-2026-5309
GitLab EE fixed an authorization bypass (CVE-2026-5309) affecting all GitLab EE versions 18.6 before 18.11.6 , 19.0 before 19.0.3 , and 19.1 before 19.1.1 . Under certain conditions, an authenticated user could read or modify another group’s virtual registry cleanup policy settings without author...
CVE-2026-5309 Authorization Bypass Through User-Controlled Key in GitLab
GitLab has remediated an issue in GitLab EE affecting all versions from 18.6 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an authenticated user to read or modify another group's virtual registry cleanup policy settings without...
EUVD-2026-39175
GitLab has remediated an issue in GitLab EE affecting all versions from 18.6 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an authenticated user to read or modify another group's virtual registry cleanup policy settings without...
GitLab 18.6 < 18.11.6 / 19.0 < 19.0.3 / 19.1 < 19.1.1 (CVE-2026-5309)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - GitLab has remediated an issue in GitLab EE affecting all versions from 18.6 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an authenticate...
PT-2026-52204
Name of the Vulnerable Software and Affected Versions GitLab EE versions 18.6 through 18.11.5 GitLab EE versions 19.0 through 19.0.2 GitLab EE versions 19.1 through 19.1.0 Description An authorization bypass exists that allows an authenticated user to read or modify the virtual registry cleanup...
CVE-2026-7471
GitLab has remediated an issue in GitLab EE affecting all versions from 18.8 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user with control of a virtual registry upstream to make requests to internal hosts due to improper validation...
Vulnerabilities are handled in GitLab through GitLab Inc.
GitLab Inc. has addressed several vulnerabilities in GitLab Community Edition CE and Enterprise Edition EE in various versions, particularly in releases from version 8.3 to 18.11.3. These vulnerabilities concern various components and functions within GitLab, including Jira integration, container...
BIT-GITLAB-2026-7471 Server-Side Request Forgery (SSRF) in GitLab
GitLab has remediated an issue in GitLab EE affecting all versions from 18.8 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user with control of a virtual registry upstream to make requests to internal hosts due to improper validation...
CVE-2026-7471
GitLab has remediated an issue in GitLab EE affecting all versions from 18.8 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user with control of a virtual registry upstream to make requests to internal hosts due to improper validation...
CVE-2026-7471
GitLab has remediated an issue in GitLab EE affecting all versions from 18.8 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user with control of a virtual registry upstream to make requests to internal hosts due to improper validation...
UBUNTU-CVE-2026-7471
GitLab has remediated an issue in GitLab EE affecting all versions from 18.8 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user with control of a virtual registry upstream to make requests to internal hosts due to improper validation...
CVE-2026-7471
CVE-2026-7471 affects GitLab Enterprise Edition (GitLab EE) prior to patch releases 18.9.7, 18.10.6, and 18.11.3. The issue is a Server-Side Request Forgery (SSRF) vulnerability where an authenticated user who controls a virtual registry upstream could cause requests to internal hosts due to impr...
CVE-2026-7471 Server-Side Request Forgery (SSRF) in GitLab
GitLab has remediated an issue in GitLab EE affecting all versions from 18.8 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user with control of a virtual registry upstream to make requests to internal hosts due to improper validation...
CVE-2026-7471 Server-Side Request Forgery (SSRF) in GitLab
GitLab has remediated an issue in GitLab EE affecting all versions from 18.8 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user with control of a virtual registry upstream to make requests to internal hosts due to improper validation...
GitLab 代码问题漏洞
GitLab is an end-to-end software development platform provided by the American company GitLab. It includes built-in features such as version control, issue tracking, code review, and CI/CD continuous integration and delivery. There were code-related vulnerabilities in versions prior to GitLab EE...
PT-2026-40877
Name of the Vulnerable Software and Affected Versions GitLab EE versions 18.8 through 18.9.6 GitLab EE versions 18.10 through 18.10.5 GitLab EE versions 18.11 through 18.11.2 Description Improper validation allows an authenticated user who controls a virtual registry upstream to make requests to...
Gitlab -- vulnerabilities
Gitlab reports: Cross-site Scripting issue in Analytics dashboard chart rendering impacts GitLab EE Cross-site Scripting issue in global search impacts GitLab CE/EE Cross-site Scripting issue in Duo Agent output rendering impacts GitLab EE Cross-site Scripting issue in Analytics Dashboard impacts...
FreeBSD : Gitlab -- vulnerabilities (73b927a6-3ecd-11f1-be20-2cf05da270f3)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 73b927a6-3ecd-11f1-be20-2cf05da270f3 advisory. Gitlab reports: Cross-Site Request Forgery issue in GraphQL API impacts GitLab CE/EE GitLab...