Lucene search
+L

9 matches found

RedhatCVE
RedhatCVE
added 2026/07/09 9:35 a.m.6 views

CVE-2026-11827

A flaw was found in GitLab EE. An authenticated user with maintainer-role permissions could, under specific conditions, exploit improper authorization controls. This vulnerability allows the user to obtain other users' stored credentials, leading to unauthorized information disclosure...

4.9CVSS5.9AI score0.00255EPSS
Exploits0References6
OSV
OSV
added 2026/06/29 6:1 a.m.8 views

BIT-GITLAB-2026-12635 Reliance on Reverse DNS Resolution for a Security-Critical Action in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 8.3 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an authenticated user with maintainer-role permissions to make requests to internal network resources through...

3.1CVSS5.8AI score0.00161EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.11 views

GitLab 8.3 < 18.11.6 / 19.0 < 19.0.3 / 19.1 < 19.1.1 (CVE-2026-12635)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 8.3 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an...

3.1CVSS5.9AI score0.00161EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/03/30 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2025-12697

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.5 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowe...

4.4CVSS5.9AI score0.00293EPSS
Exploits0References2
OSV
OSV
added 2026/03/13 9:30 a.m.5 views

BIT-GITLAB-2025-12697 Improper Encoding or Escaping of Output in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.5 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user with maintainer-role permissions to reveal Datadog API credentials under certain conditions...

4.4CVSS5.8AI score0.00293EPSS
Exploits0References4
NVD
NVD
added 2026/03/11 4:16 p.m.6 views

CVE-2025-12697

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.5 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user with maintainer-role permissions to reveal Datadog API credentials under certain conditions...

4.4CVSS0.00293EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/03/11 4:6 p.m.31 views

CVE-2025-12697 Improper Encoding or Escaping of Output in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.5 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user with maintainer-role permissions to reveal Datadog API credentials under certain conditions...

2.2CVSS0.00293EPSS
Exploits0References3
CVE
CVE
added 2026/03/11 4:6 p.m.60 views

CVE-2025-12697

GitLab CE/EE was affected by CVE-2025-12697. The issue could allow an authenticated user with maintainer permissions to reveal Datadog API credentials under certain conditions. Remediation has been applied in GitLab releases: 18.7.6 (for 15.5–18.7.x), 18.8.6, and 18.9.2, which address the vulnera...

4.4CVSS5.8AI score0.00293EPSS
Exploits0References3Affected Software1
Veracode
Veracode
added 2023/08/07 12:36 a.m.33 views

Information Disclosure

gitlab is vulnerable to Information Disclosure. A malicious authenticated maintainer is able to leak the sentry token by changing the configured URL in the sentry error tracking settings page...

5.5CVSS6.7AI score0.00711EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder