PT-2026-40860

Name of the Vulnerable Software and Affected Versions GitLab EE versions 16.10 through 18.9.6 GitLab EE versions 18.10 through 18.10.5 GitLab EE versions 18.11 through 18.11.2 Description An issue exists where missing authorization checks could allow an authenticated user with Maintainer...

PT-2026-40862

Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 16.7 through 18.9.6 GitLab CE/EE versions 18.10 through 18.10.5 GitLab CE/EE versions 18.11 through 18.11.2 Description Improper access control allows an unauthenticated user to download private debugging symbols from...

GitLab 安全漏洞

GitLab is an end-to-end software development platform provided by the American company GitLab. It includes built-in features such as version control, issue tracking, code review, and CI/CD Continuous Integration and Delivery. Vulnerabilities exist in versions of GitLab CE/EE 17.6 to 18.9.7, 18.10...

GitLab 16.7 < 18.9.7 / 18.10 < 18.10.6 / 18.11 < 18.11.3 (CVE-2026-3074)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Authorization Bypass Through User-Controlled Key in GitLab CVE-2026-3074 Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number...

FreeBSD : Gitlab -- vulnerabilities (b3cb8f40-4f4c-11f1-80f1-2cf05da270f3)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the b3cb8f40-4f4c-11f1-80f1-2cf05da270f3 advisory. Gitlab reports: Cross-site Scripting issue in Analytics dashboard chart rendering impacts GitL...

GitLab 11.10 < 18.9.7 / 18.10 < 18.10.6 / 18.11 < 18.11.3 (CVE-2026-6063)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Authorization Bypass Through User-Controlled Key in GitLab CVE-2026-6063 Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number...

GitLab 11.9 < 18.9.7 / 18.10 < 18.10.6 / 18.11 < 18.11.3 (CVE-2026-1184)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Deserialization of Untrusted Data in GitLab CVE-2026-1184 Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL...

GitLab 安全漏洞

GitLab is an end-to-end software development platform provided by the American company GitLab. It includes built-in features such as version control, issue tracking, code review, and CI/CD Continuous Integration and Delivery. Security vulnerabilities exist in versions of GitLab EE from 16.10 to...

GitLab 安全漏洞

GitLab is an end-to-end software development platform provided by the American company GitLab. It includes built-in features such as version control, issue tracking, code review, and CI/CD continuous integration and delivery. There were security vulnerabilities in versions prior to GitLab EE...

PT-2026-40877

Name of the Vulnerable Software and Affected Versions GitLab EE versions 18.8 through 18.9.6 GitLab EE versions 18.10 through 18.10.5 GitLab EE versions 18.11 through 18.11.2 Description Improper validation allows an authenticated user who controls a virtual registry upstream to make requests to...

GitLab 安全漏洞

GitLab is an end-to-end software development platform provided by the American company GitLab. It includes built-in features such as version control, issue tracking, code review, and CI/CD Continuous Integration and Delivery. Vulnerabilities exist in versions of GitLab CE/EE 18.3 to 18.9.7, 18.10...

PT-2026-40871

Name of the Vulnerable Software and Affected Versions GitLab EE versions 11.10 through 18.9.6 GitLab EE versions 18.10 through 18.10.5 GitLab EE versions 18.11 through 18.11.2 Description Improper access control allows an authenticated user with developer-role permissions to remove code owner...

GitLab 安全漏洞

GitLab is an end-to-end software development platform provided by the American company GitLab. It includes built-in features such as version control, issue tracking, code review, and CI/CD continuous integration and delivery. Vulnerabilities exist in versions of GitLab CE/EE 16.7 to 18.9.7, 18.10...

GitLab 代码问题漏洞

GitLab is an end-to-end software development platform provided by the American company GitLab. It includes built-in features such as version control, issue tracking, code review, and CI/CD continuous integration and delivery. There were code-related vulnerabilities in versions of GitLab EE betwee...

GitLab 安全漏洞

GitLab is an end-to-end software development platform provided by the American company GitLab. It includes built-in features such as version control, issue tracking, code review, and CI/CD Continuous Integration and Delivery. Vulnerabilities exist in versions of GitLab CE/EE 16.0 to 18.9.7, 18.10...

PT-2026-40875

Name of the Vulnerable Software and Affected Versions GitLab EE versions 15.7 through 18.9.6 GitLab EE versions 18.10 through 18.10.5 GitLab EE versions 18.11 through 18.11.2 Description An issue exists where an authenticated user can bypass merge request approval requirements. This occurs due to...

GitLab 17.6 < 18.9.7 / 18.10 < 18.10.6 / 18.11 < 18.11.3 (CVE-2026-3073)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Authorization Bypass Through User-Controlled Key in GitLab CVE-2026-3073 Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number...

GitLab 13.7 < 18.9.7 / 18.10 < 18.10.6 / 18.11 < 18.11.3 (CVE-2026-3160)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Unintended Proxy or Intermediary 'Confused Deputy' in GitLab CVE-2026-3160 Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number...

GitLab 9.0 < 18.9.7 / 18.10 < 18.10.6 / 18.11 < 18.11.3 (CVE-2026-1659)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Allocation of Resources Without Limits or Throttling in GitLab CVE-2026-1659 Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version numbe...

GitLab 跨站脚本漏洞

GitLab is an end-to-end software development platform provided by the American company GitLab. It includes built-in features such as version control, issue tracking, code review, and CI/CD Continuous Integration and Delivery. Versions of GitLab prior to 18.9.7, 18.10.6, and 18.11.3 contained a...