4 matches found
CVE-2025-12506
CVE-2025-12506 affects GitLab CE/EE prior to the patched releases: 16.5–before 18.11.7, 19.0–before 19.0.4, and 19.1–before 19.1.2. The issue stems from improper handling of Git reference name resolution, which could allow an authenticated user to create a repository where the content shown in th...
EUVD-2025-210442
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.5 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user to create a repository where the content displayed in the web interface differed from t...
PT-2026-56585
Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 16.5 through 18.11.6 GitLab CE/EE versions 19.0 through 19.0.3 GitLab CE/EE versions 19.1 through 19.1.1 Description An issue exists where an authenticated user can create a repository where the content displayed in the w...
HashiCorp go-getter Vulnerable to Argument Injection When Fetching Remote Default Git Branches
When go-getter is performing a Git operation, go-getter will try to clone the given repository. If a Git reference is not passed along with the Git url, go-getter will then try to check the remote repository’s HEAD reference of its default branch by passing arguments to the Git binary on the host...