17 matches found
GitLab 13.7 < 18.2.8 / 18.3 < 18.3.4 / 18.4 < 18.4.2 (CVE-2025-9825)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.7 to 18.2.8, 18.3 before 18.3.4, and 18.4 before 18.4.2 that could have allowed authenticated users without project...
Linux Distros Unpatched Vulnerability : CVE-2023-2069
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab affecting all versions starting from 10.0 before 12.9.8, all versions starting from 12.10 before 12.10.7, all versions...
Linux Distros Unpatched Vulnerability : CVE-2023-5061
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab affecting all versions starting from 9.3 before 16.4.4, all versions starting from 16.5 before 16.5.4, all versions...
Linux Distros Unpatched Vulnerability : CVE-2023-3399
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab EE affecting all versions starting from 11.6 before 16.3.6, all versions starting from 16.4 before 16.4.2, all versions...
Vulnerabilities fixed in GitLab
GitLab has fixed vulnerabilities in both the Community and Enterprise Editions of GitLab. The vulnerabilities include falsely displaying full e-mail addresses to unauthorized users, insufficient input validation that can lead to Denial-of-Service, and the ability for attackers to expose masked CI...
CVE-2023-2069
An issue has been discovered in GitLab affecting all versions starting from 10.0 before 12.9.8, all versions starting from 12.10 before 12.10.7, all versions starting from 13.0 before 13.0.1. A user with the role of developer could use the import project feature to leak CI/CD variables...
CVE-2023-0989
An information disclosure issue in GitLab CE/EE affecting all versions starting from 13.11 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1 allows an attacker to extract non-protected CI/CD variables by tricking a user to visit a fork with a malicious CI/CD configuration...
UBUNTU-CVE-2024-11931
An issue has been discovered in GitLab CE/EE affecting all versions starting from 17.0 prior to 17.6.4, from 17.7 prior to 17.7.3, and from 17.8 prior to 17.8.1. Under certain conditions, it may have been possible for users with developer role to exfiltrate protected CI variables via CI lint...
GitLab Security Breach
GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD continuous integration and continuous delivery, and other features. A security vulnerability exists in GitLab that stems from the fact that under...
PT-2023-24618 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab EE versions 11.6 through 16.3.5 GitLab EE versions 16.4 through 16.4.1 GitLab EE versions 16.5 through 16.5.0 Description: An issue has been discovered in GitLab EE, where it was possible for an unauthorized project or group member to...
UBUNTU-CVE-2023-0989
An information disclosure issue in GitLab CE/EE affecting all versions starting from 13.11 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1 allows an attacker to extract non-protected CI/CD variables by tricking a user to visit a fork with a malicious CI/CD configuration...
UBUNTU-CVE-2023-2069
An issue has been discovered in GitLab affecting all versions starting from 10.0 before 12.9.8, all versions starting from 12.10 before 12.10.7, all versions starting from 13.0 before 13.0.1. A user with the role of developer could use the import project feature to leak CI/CD variables...
PT-2023-17555 · Gitlab · Gitlab
Name of the Vulnerable Software and Affected Versions: GitLab versions 10.0 through 12.9.7 GitLab versions 12.10 through 12.10.6 GitLab versions 13.0 through 13.0.0 Description: An issue has been discovered in GitLab where a user with the role of developer could use the import project feature to...
GitLab Security Vulnerability
GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD continuous integration and continuous delivery, and other features. A security vulnerability exists in GitLab CE/EE that stems from its incorrect...
PT-2022-13863 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 8.12 through 14.8.5 GitLab CE/EE versions 14.9.0 through 14.9.3 GitLab CE/EE version 14.10.0 Description: The issue is related to improper input validation, allowing a Developer to read protected Group or Project CI/CD...
PT-2021-14897 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 9.4 and up Description: An authorization issue allowed a group maintainer to modify group CI/CD variables, which should be restricted to group owners. Recommendations: For GitLab CE/EE versions 9.4 and up, consider...
GitLab Security Vulnerability
GitLab is an open source application developed using Ruby on Rails that implements a self-hosted Git project repository that can be accessed through a web interface for public and private projects. GitLab EE is the GitLab Enterprise Edition and GitLab CE is the GitLab Community Edition. GitLab CE/...