10 matches found
PT-2025-29076 · GitLab · GitLab CE/EE
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 17.11 through 17.11.5; GitLab CE/EE versions 18.0 through 18.0.3; GitLab CE/EE versions 18.1 through 18.1.1. Description: An issue has been discovered in GitLab CE/EE that, under certain conditions, could allow an attacker ...
CVE-2025-0673 Loop with Unreachable Exit Condition ('Infinite Loop') in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions from 17.7 before 17.10.8, 17.11 before 17.11.4, and 18.0 before 18.0.2, allowing an attacker to trigger an infinite redirect loop, potentially leading to a denial of service condition...
PT-2025-17706 · GitLab · GitLab CE/EE
Name of the Vulnerable Software and Affected Versions: GitLab EE/CE versions 16.6 through 17.9.7; GitLab EE/CE versions 17.10 through 17.10.5; GitLab EE/CE versions 17.11 through 17.11.1. Description: An issue has been discovered in GitLab EE/CE that could allow an attacker to track users' browsing...
CVE-2024-12619 Insufficient Granularity of Access Control in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions from 16.0 before 17.8.6, 17.9 before 17.9.3, and 17.10 before 17.10.1, allowing internal users to gain unauthorized access to internal projects...
BIT-GITLAB-2025-0475 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions from 15.10 prior to 17.7.6, 17.8 prior to 17.8.4, and 17.9 prior to 17.9.1. A proxy feature could potentially allow unintended content rendering leading to XSS under specific circumstances...
CVE-2024-9631 Inefficient Algorithmic Complexity in GitLab
An issue was discovered in GitLab CE/EE affecting all versions starting from 13.6 prior to 17.2.9, starting from 17.3 prior to 17.3.5, and starting from 17.4 prior to 17.4.2, where viewing diffs of MR with conflicts can be slow...
PT-2025-1086 · GitLab · GitLab CE/EE
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 15.7 through 17.5.5; GitLab CE/EE versions 17.6 through 17.6.3; GitLab CE/EE versions 17.7 through 17.7.1. Description: An issue was discovered in GitLab CE/EE that allows a denial of service (DoS) by creating cyclic referenc...
PT-2024-33781 · GitLab · GitLab CE/EE
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 16.1.0 through 16.11.4; GitLab CE/EE versions 17.0.0 through 17.0.2; GitLab CE/EE versions 17.1.0. Description: An issue has been discovered in GitLab CE/EE that allowed for a CSRF attack on GitLab's GraphQL API, leading to...
PT-2022-4568 · GitLab · GitLab CE/EE +1
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 11.10 through 15.1.6; GitLab CE/EE versions 15.2 through 15.2.4; GitLab CE/EE versions 15.3 through 15.3.2. Description: A vulnerability in GitLab CE/EE allows an authenticated user to achieve remote code execution via the...
CVE-2021-22220
An issue has been discovered in GitLab affecting all versions starting with 13.10. GitLab was vulnerable to a stored XSS in blob viewer of notebooks...