21285 matches found
CVE-2026-4922 Cross-Site Request Forgery (CSRF) in GitLab
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.0 before 18.9.6, 18.10 before 18.10.4, and 18.11 before 18.11.1 that could have allowed an unauthenticated user to execute GraphQL mutations on behalf of authenticated users due to insufficient CSRF protection...
CVE-2025-0186 Allocation of Resources Without Limits or Throttling in GitLab
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 10.6 before 18.9.6, 18.10 before 18.10.4, and 18.11 before 18.11.1 that could have allowed an authenticated user to cause denial of service under certain conditions by exhausting server resources by making crafted requests...
CVE-2025-0186 Allocation of Resources Without Limits or Throttling in GitLab
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 10.6 before 18.9.6, 18.10 before 18.10.4, and 18.11 before 18.11.1 that could have allowed an authenticated user to cause denial of service under certain conditions by exhausting server resources by making crafted requests...
CVE-2025-0186
Removed by vendor...
CVE-2025-0186
CVE-2025-0186 describes a denial-of-service vulnerability in GitLab CE/EE where an authenticated user could exhaust server resources by crafted requests to a discussions endpoint. Affected versions include all 10.6-era releases before 18.9.6, 18.10 before 18.10.4, and 18.11 before 18.11.1. The is...
CVE-2025-0186
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 10.6 before 18.9.6, 18.10 before 18.10.4, and 18.11 before 18.11.1 that could have allowed an authenticated user to cause denial of service under certain conditions by exhausting server resources by making crafted requests...
CVE-2025-3922
GitLab CVE-2025-3922 affects GitLab CE/EE versions 12.4 before 18.9.6, 18.10 before 18.10.4, and 18.11 before 18.11.1. The issue arises from insufficient resource allocation limits in the GraphQL API, allowing an authenticated user to cause denial of service by overwhelming system resources under...
CVE-2025-3922 Allocation of Resources Without Limits or Throttling in GitLab
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.4 before 18.9.6, 18.10 before 18.10.4, and 18.11 before 18.11.1 that could have allowed an authenticated user to cause denial of service by overwhelming system resources under certain conditions due to insufficient...
CVE-2025-3922
Removed by vendor...
CVE-2025-3922
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.4 before 18.9.6, 18.10 before 18.10.4, and 18.11 before 18.11.1 that could have allowed an authenticated user to cause denial of service by overwhelming system resources under certain conditions due to insufficient...
CVE-2025-3922 Allocation of Resources Without Limits or Throttling in GitLab
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.4 before 18.9.6, 18.10 before 18.10.4, and 18.11 before 18.11.1 that could have allowed an authenticated user to cause denial of service by overwhelming system resources under certain conditions due to insufficient...
CVE-2025-6016
CVE-2025-6016 affects GitLab CE/EE: versions 9.2 through 18.9.5, 18.10 through 18.10.3, and 18.11 through 18.11.0. The issue allows an authenticated user to trigger a denial of service due to insufficient resource allocation limits when retrieving notes under certain conditions. The root cause is...
CVE-2025-6016
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 9.2 before 18.9.6, 18.10 before 18.10.4, and 18.11 before 18.11.1 that could have allowed an authenticated user to cause denial of service due to insufficient resource allocation limits when retrieving notes under certain...
CVE-2025-6016 Allocation of Resources Without Limits or Throttling in GitLab
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 9.2 before 18.9.6, 18.10 before 18.10.4, and 18.11 before 18.11.1 that could have allowed an authenticated user to cause denial of service due to insufficient resource allocation limits when retrieving notes under certain...
CVE-2025-6016 Allocation of Resources Without Limits or Throttling in GitLab
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 9.2 before 18.9.6, 18.10 before 18.10.4, and 18.11 before 18.11.1 that could have allowed an authenticated user to cause denial of service due to insufficient resource allocation limits when retrieving notes under certain...
CVE-2025-6016
Removed by vendor...
CVE-2025-9957 Incorrect Authorization in GitLab
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.2 before 18.9.6, 18.10 before 18.10.4, and 18.11 before 18.11.1 that under certain conditions could have allowed an authenticated user with project owner permissions to bypass group fork prevention settings due to...
CVE-2025-9957
Removed by vendor...
CVE-2025-9957 Incorrect Authorization in GitLab
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.2 before 18.9.6, 18.10 before 18.10.4, and 18.11 before 18.11.1 that under certain conditions could have allowed an authenticated user with project owner permissions to bypass group fork prevention settings due to...
CVE-2025-9957
GitLab CVE-2025-9957 affects GitLab CE/EE across all versions 11.2 before 18.9.6, 18.10 before 18.10.4, and 18.11 before 18.11.1. The issue stemmed from improper authorization checks that could allow an authenticated user with project owner permissions to bypass group fork prevention settings. Th...