1981 matches found
EUVD-2025-197692
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.2 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2 that could have allowed an authenticated attacker with reporter access to view branch names and pipeline details by accessing the packages API endpoint even wh...
CVE-2025-6171 Missing Authorization in GitLab
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.2 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2 that could have allowed an authenticated attacker with reporter access to view branch names and pipeline details by accessing the packages API endpoint even wh...
CVE-2025-7000 Insertion of Sensitive Information Into Sent Data in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions from 17.6 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2, that, under specific conditions, could have allowed unauthorized users to view confidential branch names by accessing project issues with related merge requests...
GitLab 17.1 < 18.3.5 / 18.4 < 18.4.3 / 18.5 < 18.5.1 (CVE-2025-11702)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - GitLab has remediated an issue in EE affecting all versions from 17.1 before 18.3.5, 18.4 before 18.4.3, and 18.5 before 18.5.1 that could have allowed an authenticated attacker with specific...
CVE-2025-10497
GitLab CVE-2025-10497 affects GitLab CE/EE versions: 17.10–18.3.5 before 18.3.5, 18.4 before 18.4.3, and 18.5 before 18.5.1. An unauthenticated attacker could cause a denial-of-service by sending specially crafted payloads. A patch is available in GitLab 18.5.1 (and related patch releases) to rem...
CVE-2025-11974
Removed by vendor...
CVE-2025-11447
CVE-2025-11447 affects GitLab CE/EE with DoS risk from unauthenticated GraphQL requests carrying crafted JSON payloads. Affected versions include 11.0–18.3.5, 18.4 prior to 18.4.3, and 18.5 prior to 18.5.1. Remediation has been issued; updates to GitLab 18.5.1 (and later) address the issue. Explo...
GitLab 11.0 < 18.3.5 / 18.4 < 18.4.3 / 18.5 < 18.5.1 (CVE-2025-11447)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Gitlab reports: Improper access control issue in runner API impacts GitLab EE Denial of service issue in event collection impacts GitLab CE/EE Denial of service issue in JSON validation impacts GitLab...
GitLab 10.6 < 18.3.5 / 18.4 < 18.4.3 / 18.5 < 18.5.1 (CVE-2025-11971)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Gitlab reports: Improper access control issue in runner API impacts GitLab EE Denial of service issue in event collection impacts GitLab CE/EE Denial of service issue in JSON validation impacts GitLab...
PT-2025-43135
Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 11.0 through 18.3.4 GitLab CE/EE versions 18.4 through 18.4.2 GitLab CE/EE versions 18.5 through 18.5.0 Description An issue has been resolved in GitLab CE/EE that could allow an unauthenticated attacker to cause a denial...
UBUNTU-CVE-2025-11340
GitLab has remediated an issue in GitLab EE affecting all versions from 18.3 to 18.3.4, 18.4 to 18.4.2 that, under certain conditions, could have allowed authenticated users with read-only API tokens to perform unauthorized write operations on vulnerability records by exploiting incorrectly scope...
CVE-2025-2934
CVE-2025-2934 affects GitLab CE/EE prior to 18.2.8, 18.3 prior to 18.3.4, and 18.4 prior to 18.4.2. An authenticated attacker could induce a denial-of-service by configuring malicious webhook endpoints that send crafted HTTP responses. The issue has been remediated in the patch releases GitLab 18...
CVE-2025-2934 Allocation of Resources Without Limits or Throttling in GitLab
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 5.2 prior to 18.2.8, 18.3 prior to 18.3.4, and 18.4 prior to 18.4.2 that could have allowed an authenticated attacker to create a denial of service condition by configuring malicious webhook endpoints that send crafted HTT...
GitLab 5.2 < 18.2.8 / 18.3 < 18.3.4 / 18.4 < 18.4.2 (CVE-2025-2934)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 5.2 prior to 18.2.8, 18.3 prior to 18.3.4, and 18.4 prior to 18.4.2 that could have allowed an authenticated attacker to crea...
GitLab 13.12 < 18.2.8 / 18.3 < 18.3.4 / 18.4 < 18.4.2 (CVE-2025-10004)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.12 to 18.2.8, 18.3 to 18.3.4, and 18.4 to 18.4.2 that could make the GitLab instance unresponsive or severely degraded by...
GitLab 18.3 < 18.3.4 / 18.4 < 18.4.2 (CVE-2025-11340)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - GitLab has remediated an issue in GitLab EE affecting all versions from 18.3 to 18.3.4, 18.4 to 18.4.2 that, under certain conditions, could have allowed authenticated users with read-only API tokens ...
EUVD-2020-5586
Malware in sbrugna...
EUVD-2021-26289
Malware in sbrugna...
EUVD-2020-4590
Malware in sbrugna...
EUVD-2019-16350
Malware in sbrugna...