957 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-2030
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions from 12.2 prior to 16.5.6, 16.6 prior to 16.6.4, and 16.7 prior to 16.7.2 in which an attack...
Linux Distros Unpatched Vulnerability : CVE-2024-1736
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions prior to 16.10.7, starting from 16.11 prior to 16.11.4, and starting from 17.0 prior to...
CVE-2025-6186 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions from 18.1 before 18.1.4, and 18.2 before 18.2.2 that could have allowed authenticated users to achieve account takeover by injecting malicious HTML into work item names...
CVE-2025-0765 Incorrect Authorization in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions from 17.9 before 18.0.5, 18.1 before 18.1.3, and 18.2 before 18.2.1 that could have allowed an unauthorized user to access custom service desk email addresses...
GitLab Enterprise Edition(EE)和GitLab Community Edition(CE) 安全漏洞
GitLab Enterprise Edition EE and GitLab Community Edition CE are both products of GitLab, Inc. GitLab Enterprise Edition is a content management system. GitLab Enterprise Edition is a content management system. A security vulnerability exists in GitLab CE and EE versions prior to 15.4 to 18.0.5,...
CVE-2025-4439
An issue has been discovered in GitLab CE/EE affecting all versions from 15.10 before 18.0.5, 18.1 before 18.1.3, and 18.2 before 18.2.1 that could have allowed an authenticated user to perform cross-site scripting attacks when the instance is served through certain content delivery networks...
CVE-2025-4439 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions from 15.10 before 18.0.5, 18.1 before 18.1.3, and 18.2 before 18.2.1 that could have allowed an authenticated user to perform cross-site scripting attacks when the instance is served through certain content delivery networks...
PT-2025-30609 · Gitlab · Gitlab Ce/Ee
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 15.10 through 18.0.5 GitLab CE/EE versions 18.1 through 18.1.3 GitLab CE/EE versions 18.2 through 18.2.1 Description: An issue exists in GitLab CE/EE that, under specific circumstances, could allow a successful attacker ...
PT-2025-30613 · Gitlab · Gitlab Ce/Ee
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 15.10 through 18.0.4 GitLab CE/EE versions 18.1 through 18.1.2 GitLab CE/EE versions 18.2 through 18.2.0 Description: An issue exists in GitLab CE/EE that could allow an authenticated user to perform cross-site scripting...
PT-2025-30635 · Gitlab · Gitlab Ce/Ee
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 15.0 through 18.0.4 GitLab CE/EE versions 18.1 through 18.1.2 GitLab CE/EE versions 18.2 through 18.2.0 Description: An issue allows privileged users to access certain resource group information through the API that shou...
PT-2025-30636 · Gitlab · Gitlab Ce/Ee
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 17.9 through 18.0.4 GitLab CE/EE versions 18.1 through 18.1.2 GitLab CE/EE versions 18.2 through 18.2.0 Description: An issue exists in GitLab CE/EE that could allow an unauthorized user to access custom service desk ema...
PT-2025-30637 · Gitlab · Gitlab Ce/Ee
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 15.4 through 18.0.4 GitLab CE/EE versions 18.1 through 18.1.2 GitLab CE/EE versions 18.2 through 18.2.0 Description: An issue exists that may allow an unauthorized user to read deployment job logs by sending a crafted...
Gitlab -- vulnerabilities
Gitlab reports: Cross-site scripting issue impacts Kubernetes Proxy in GitLab CE/EE Cross-site scripting issue impacts Kubernetes Proxy in GitLab CE/EE using CDNs Exposure of Sensitive Information to an Unauthorized Actor issue impacts GitLab CE/EE Improper Access Control issue impacts GitLab EE...
Gitlab -- vulnerabilities
Gitlab reports: Cross-site scripting issue impacts GitLab CE/EE Improper authorization issue impacts GitLab CE/EE Improper authorization issue impacts GitLab EE Improper authorization issue impacts GitLab EE...
BIT-GITLAB-2025-3279 Allocation of Resources Without Limits or Throttling in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions from 10.7 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed authenticated attackers to create a DoS condition by sending crafted GraphQL requests...
CVE-2025-2938
An issue has been discovered in GitLab CE/EE affecting all versions from 17.3 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed authenticated users to gain elevated project privileges by requesting access to projects where role modifications during the approval...
CVE-2025-5315 Missing Authorization in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions from 17.2 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed authenticated users with Guest role permissions to add child items to incident work items by sending crafted API requests that bypassed...
PT-2025-26938 · Gitlab · Gitlab Ce/Ee
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 17.2 through 17.11.4 GitLab CE/EE versions 18.0 through 18.0.2 GitLab CE/EE versions 18.1 through 18.1.0 Description: An issue has been discovered that could have allowed authenticated users with Guest role permissions t...
PT-2025-26936 · Gitlab · Gitlab Ce/Ee
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 17.3 through 17.11.5 GitLab CE/EE versions 18.0 through 18.0.3 GitLab CE/EE versions 18.1 through 18.1.1 Description: An issue has been discovered in GitLab CE/EE that could allow authenticated users to gain elevated...
PT-2025-26935 · Gitlab · Gitlab Ce/Ee
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 17.2 through 17.11.5 GitLab CE/EE versions 18.0 through 18.0.3 GitLab CE/EE versions 18.1 through 18.1.1 Description: An issue has been discovered in GitLab CE/EE that could have allowed unauthenticated attackers to uplo...