18 matches found

CNNVD
added 2026/05/14 12:0 a.m. · 5 views

GitLab Security Vulnerability

GitLab is an end-to-end software development platform provided by the American company GitLab. It includes built-in features such as version control, issue tracking, code review, and CI/CD (Continuous Integration and Delivery). Vulnerabilities exist in versions of GitLab CE/EE 17.6 to 18.9.7, 18.10...

CVSS 4.3 · AI score 5.9 · EPSS 0.00011
Exploits: 0 · References: 1
Positive Technologies
added 2026/02/11 12:0 a.m. · 5 views

PT-2026-7516

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 18.7 through 18.7.3; GitLab CE/EE versions 18.8 through 18.8.3. Description: An unauthenticated user could cause a denial of service through CPU exhaustion by submitting specially crafted markdown files. These files trigger...

CVSS 7.5 · AI score 5.3 · EPSS 0.00038
Exploits: 0 · References: 9
OSV
added 2026/01/09 10:15 a.m. · 1 views

UBUNTU-CVE-2025-10569

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 8.3 before 18.5.5, 18.6 before 18.6.3, and 18.7 before 18.7.1 that could have allowed an authenticated user to create a denial of service condition by providing crafted responses to external API calls...

CVSS 6.5 · AI score 5.8 · EPSS 0.00033
Exploits: 0 · References: 2
RedhatCVE
added 2026/01/09 10:0 a.m. · 5 views

CVE-2020-7969

GitLab EE 8.0 and later through 12.7.2 allows Information Disclosure...

CVSS 7.5 · AI score 6.7 · EPSS 0.00077
Exploits: 0 · References: 1
EUVD
added 2025/10/07 12:30 a.m. · 1 views

EUVD-2020-28886

Malware in sbrugna...

CVSS 7.5 · AI score 7.4 · EPSS 0.00077
Exploits: 0 · References: 3
EUVD
added 2025/10/03 8:7 p.m. · 0 views

EUVD-2025-12138

Malicious code in bioql PyPI...

CVSS 4.3 · AI score 6.3 · EPSS 0.00055
Exploits: 1 · References: 3
Positive Technologies
added 2025/06/25 12:0 a.m. · 3 views

PT-2025-26935 · Gitlab · Gitlab Ce/Ee

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 17.2 through 17.11.5; GitLab CE/EE versions 18.0 through 18.0.3; GitLab CE/EE versions 18.1 through 18.1.1. Description: An issue has been discovered in GitLab CE/EE that could have allowed unauthenticated attackers to uplo...

CVSS 5.3 · AI score 6.3 · EPSS 0.00153
Exploits: 0 · References: 15
Positive Technologies
added 2025/06/20 12:0 a.m. · 2 views

PT-2025-26452 · Gitlab · Gitlab Ce/Ee

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 7.10 through 16.11.5; GitLab CE/EE version 17.0 through 17.0.3; GitLab CE/EE version 17.1 through 17.1.1. Description: A Denial of Service (DoS) condition exists in GitLab CE/EE. An attacker can cause a denial of service by...

CVSS 7.5 · AI score 6 · EPSS 0.00199
Exploits: 0 · References: 12
NVD
added 2024/10/24 10:15 a.m. · 10 views

CVE-2024-6826

An issue has been discovered in GitLab CE/EE affecting all versions from 11.2 before 17.3.6, 17.4 before 17.4.3, and 17.5 before 17.5.1. A denial of service could occur via importing a maliciously crafted XML manifest file...

CVSS 6.5 · EPSS 0.00136
Exploits: 1 · References: 2
Positive Technologies
added 2024/10/16 12:0 a.m. · 2 views

PT-2024-10157 · Gitlab · Gitlab Ce/Ee

Name of the Vulnerable Software and Affected Versions: GitLab EE versions 14.3 through 17.4.6; GitLab EE versions 17.5 through 17.5.4; GitLab EE versions 17.6 through 17.6.2. Description: The issue is related to the Wiki History Diff feature in GitLab EE, which allows group users to view confidentia...

CVSS 3.1 · AI score 5.6 · EPSS 0.00264
Exploits: 1 · References: 16
Positive Technologies
added 2024/09/30 12:0 a.m. · 2 views

PT-2024-10155 · Gitlab · Gitlab Ce/Ee

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 13.9 through 17.4.6; GitLab CE/EE versions 17.5 through 17.5.4; GitLab CE/EE versions 17.6 through 17.6.2. Description: An issue exists in GitLab CE/EE that allows a remote attacker to cause uncontrolled CPU consumption,...

CVSS 6.6 · AI score 6.1 · EPSS 0.00108
Exploits: 1 · References: 16
NCSC
added 2024/07/11 8:22 a.m. · 1 views

Vulnerability fixed in GitLab CE/EE

GitLab has fixed a vulnerability in GitLab CE/EE. A malicious person could exploit the vulnerability under certain circumstances to start a Continuous Integration/Continuous Deployment (CI/CD) pipeline process as any other user. GitLab has released updates to fix the vulnerability in GitLab CE/EE...

CVSS 9.8 · AI score 6.8 · EPSS 0.0113
Exploits: 0 · References: 3
Positive Technologies
added 2022/10/17 12:0 a.m. · 1 views

PT-2022-20060 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions prior to 15.1.6; GitLab CE/EE versions 15.2 through 15.2.3; GitLab CE/EE versions 15.3 through 15.3.1. Description: An issue has been discovered in GitLab CE/EE that may allow an attacker to guess a user's password by brute...

CVSS 7.5 · AI score 7.2 · EPSS 0.00195
Exploits: 0 · References: 12
Positive Technologies
added 2022/10/17 12:0 a.m. · 2 views

PT-2022-21757 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 12.8 through 15.2.5; GitLab CE/EE versions 15.3 through 15.3.4; GitLab CE/EE versions 15.4 through 15.4.1. Description: The issue is related to improper access control in the GitLab CE/EE API. This allows an unauthorized us...

CVSS 4.3 · AI score 4.5 · EPSS 0.00122
Exploits: 0 · References: 11
Positive Technologies
added 2022/10/17 12:0 a.m. · 2 views

PT-2022-21588 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab EE versions 9.3 through 15.2.4; GitLab EE versions 15.3 through 15.3.3; GitLab EE versions 15.4 through 15.4.0. Description: Email addresses were leaked in WebHook logs. The issue affects GitLab EE, with the leak occurring in the logs...

CVSS 4.3 · AI score 4.3 · EPSS 0.00071
Exploits: 0 · References: 11
Debian CVE
added 2022/01/18 4:51 p.m. · 19 views

CVE-2021-39927

Removed by vendor...

CVSS 4.3 · AI score 5.8 · EPSS 0.00143
Exploits: 0
CNNVD
added 2021/03/04 12:0 a.m. · 2 views

Gitlab Trust Management Issue Vulnerability

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A trust management issue vulnerability exists in Gitlab...

CVSS 7.2 · AI score 5.6 · EPSS 0.0009
Exploits: 0 · References: 2
Positive Technologies
added 2019/09/09 12:0 a.m. · 2 views

PT-2019-17692 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions prior to 11.11.6; GitLab CE/EE versions prior to 12.0.4; GitLab CE/EE versions prior to 12.1.2. Description: An input validation and output encoding issue was discovered in the GitLab CE/EE wiki pages feature, which could...

CVSS 5.4 · AI score 5.2 · EPSS 0.0007
Exploits: 1 · References: 5