5 matches found
PT-2026-40871
Name of the Vulnerable Software and Affected Versions: GitLab EE versions 11.10 through 18.9.6; GitLab EE versions 18.10 through 18.10.5; GitLab EE versions 18.11 through 18.11.2. Description: Improper access control allows an authenticated user with developer-role permissions to remove code owner...
Linux Distros Unpatched Vulnerability : CVE-2023-4812
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab EE affecting all versions starting from 15.3 before 16.5.6, all versions starting from 16.6 before 16.6.4, all versions...
Gitlab -- Vulnerabilities
Gitlab reports: ReDoS via EpicReferenceFilter in any Markdown fields; New commits to private projects visible in forks created while project was public; New commits to private projects visible in forks created while project was public; Maintainer can leak masked webhook secrets by manipulating URL...
FreeBSD : Gitlab -- Multiple Vulnerabilities (e8483115-8b8e-11ea-bdcf-001b217b3468)
Gitlab reports: Path Traversal in NuGet Package Registry; Workhorse Bypass Leads to File Disclosure; OAuth Application Client Secrets Revealed; Code Owners Approval Rules Are Not Updated for Existing Merge Requests When Source Branch Changes; Code Owners Protection Not Enforced from Web UI; Repositor...
Gitlab -- Multiple Vulnerabilities
Gitlab reports: Path Traversal in NuGet Package Registry; Workhorse Bypass Leads to File Disclosure; OAuth Application Client Secrets Revealed; Code Owners Approval Rules Are Not Updated for Existing Merge Requests When Source Branch Changes; Code Owners Protection Not Enforced from Web UI; Repository...