Lucene search
+L

1118 matches found

CNNVD
CNNVD
added 2026/04/08 12:0 a.m.11 views

GitLab 安全漏洞

GitLab is an end-to-end software development platform provided by the American company GitLab. It includes built-in features such as version control, issue tracking, code review, and CI/CD Continuous Integration and Delivery. Vulnerabilities exist in versions of GitLab CE/EE before 18.8.9, 18.9.5...

7.5CVSS7.4AI score0.00577EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/03/30 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2025-12576

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 9.3 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that under certain...

6.5CVSS5.9AI score0.00385EPSS
Exploits0References2
OSV
OSV
added 2026/03/27 12:11 p.m.6 views

BIT-GITLAB-2025-13078 Improper Validation of Specified Quantity in Input in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.10 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an authenticated user to cause a denial of service due to excessive resource consumption when processing certain webhook configurati...

6.5CVSS5.9AI score0.00417EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/03/26 5:1 p.m.6 views

CVE-2025-13436

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.7 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an authenticated user to cause a denial of service due to excessive resource consumption when handling certain CI-related inputs...

6.5CVSS5.8AI score0.00417EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 5:1 p.m.6 views

CVE-2025-13078

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.10 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an authenticated user to cause a denial of service due to excessive resource consumption when processing certain webhook configurati...

6.5CVSS5.8AI score0.00417EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 5:0 p.m.7 views

CVE-2026-2726

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.10 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an authenticated user to perform unauthorized actions on merge requests in other projects due to improper access control during...

4.3CVSS5.8AI score0.00194EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 5:0 p.m.12 views

CVE-2026-3857

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.10 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an unauthenticated user to execute arbitrary GraphQL mutations on behalf of authenticated users due to insufficient CSRF protection...

8.1CVSS6.1AI score0.00169EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:1 p.m.4 views

CVE-2026-1090

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 10.6 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user, when the markdownplaceholders feature flag was enabled, to inject JavaScript in a browser due to improper...

8.7CVSS5.8AI score0.00231EPSS
Exploits0References1
OSV
OSV
added 2026/03/25 5:16 p.m.12 views

UBUNTU-CVE-2026-2745

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 7.11 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an unauthenticated user to bypass WebAuthn two-factor authentication and gain unauthorized access to user accounts due to inconsisten...

8.1CVSS5.8AI score0.00276EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/03/25 5:16 p.m.3 views

CVE-2026-2726

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.10 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an authenticated user to perform unauthorized actions on merge requests in other projects due to improper access control during...

4.3CVSS5.8AI score0.00194EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/03/25 5:16 p.m.6 views

CVE-2025-13078

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.10 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an authenticated user to cause a denial of service due to excessive resource consumption when processing certain webhook configurati...

6.5CVSS5.8AI score0.00417EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.11 views

GitLab Enterprise Edition(EE)和GitLab Community Edition(CE) 安全漏洞

GitLab Enterprise Edition EE and GitLab Community Edition CE are both products of the American company GitLab. GitLab Enterprise Edition is a content management system. GitLab Community Edition is a community version of GitLab. Versions of GitLab CE/EE prior to 18.8.7, 18.9.3, and 18.10.1 contain...

4.3CVSS5.8AI score0.00194EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.5 views

PT-2026-28063

Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 17.10 through 18.8.6 GitLab CE/EE versions 18.9 through 18.9.2 GitLab CE/EE versions 18.10 through 18.10.0 Description An issue exists in GitLab CE/EE that could allow an unauthenticated user to execute arbitrary GraphQL...

8.1CVSS6.1AI score0.00169EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2026/03/18 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-1230

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 1.0 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed...

6.5CVSS6AI score0.00192EPSS
Exploits0References2
OSV
OSV
added 2026/03/13 9:31 a.m.8 views

BIT-GITLAB-2025-14513 Improper Validation of Specified Quantity in Input in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.11 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an unauthenticated user to cause a denial of service condition due to improper input validation when processing specially crafted JSON...

7.5CVSS5.8AI score0.00475EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/03/12 2:15 a.m.4 views

CVE-2026-1182

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 8.14 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user to gain unauthorized access to confidential issue title created in public projects under certain circumstances...

4.3CVSS5.9AI score0.00194EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/12 12:0 a.m.5 views

PT-2026-24905

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 8.14 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user to gain unauthorized access to confidential issue title created in public projects under certain circumstances...

4.3CVSS5.8AI score0.00194EPSS
Exploits0References7
EUVD
EUVD
added 2026/03/11 6:30 p.m.7 views

EUVD-2025-208575

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 10.0 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an unauthenticated user to cause a denial of service by issuing specially crafted requests to repository archive endpoints under certai...

7.5CVSS5.8AI score0.00523EPSS
Exploits0References5
EUVD
EUVD
added 2026/03/11 6:30 p.m.8 views

EUVD-2025-208574

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.11 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user to cause a denial of service condition due to improper input validation on webhook custom header names under...

6.5CVSS5.8AI score0.00385EPSS
Exploits0References4
NVD
NVD
added 2026/03/11 4:16 p.m.6 views

CVE-2026-3848

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 8.11 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user to make unintended internal requests through proxy environments under certain conditions due to improper input...

5CVSS0.00187EPSS
Exploits0References2
Rows per page
Query Builder