Lucene search
K

9 matches found

NVD
NVD
added 2026/06/11 12:16 p.m.16 views

CVE-2026-6552

GitLab has remediated an issue in GitLab EE affecting all versions from 15.5 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authenticated user with group Owner role to take over another group member's GitLab account due to improper...

8.7CVSS0.00278EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/11 10:20 a.m.9 views

EUVD-2026-36229

GitLab has remediated an issue in GitLab EE affecting all versions from 15.5 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authenticated user with group Owner role to take over another group member's GitLab account due to improper...

8.7CVSS5.5AI score0.00278EPSS
Exploits0References3
CVE
CVE
added 2026/06/11 10:20 a.m.32 views

CVE-2026-6552

GitLab Elasticsearch? No—this CVE concerns GitLab Enterprise Edition (GitLab EE). Affected versions: 15.5 up to but not including 18.10.8, 18.11 up to but not including 18.11.5, and 19.0 up to but not including 19.0.2. Root cause: improper authorization in Group SAML identity management allowed a...

8.7CVSS5.5AI score0.00278EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/11 10:20 a.m.8 views

CVE-2026-6552 Authorization Bypass Through User-Controlled Key in GitLab

GitLab has remediated an issue in GitLab EE affecting all versions from 15.5 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authenticated user with group Owner role to take over another group member's GitLab account due to improper...

8.7CVSS5.5AI score0.00278EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/11 10:20 a.m.30 views

CVE-2026-6552 Authorization Bypass Through User-Controlled Key in GitLab

GitLab has remediated an issue in GitLab EE affecting all versions from 15.5 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authenticated user with group Owner role to take over another group member's GitLab account due to improper...

8.7CVSS0.00278EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.12 views

GitLab Enterprise Edition(EE) 安全漏洞

GitLab Enterprise Edition EE is a content management system provided by the American company GitLab. Versions of GitLab EE prior to 15.5, 18.10.8, 18.11.5, and 19.0.2 contained security vulnerabilities. These vulnerabilities were caused by improper authorization in the Group SAML identity...

8.7CVSS5.3AI score0.00278EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2026/06/11 12:0 a.m.9 views

Gitlab -- vulnerabilities

Gitlab reports: Improper Access Control issue in Group SAML Identity API impacts GitLab EE Cross-site Scripting issue in Analytics Dashboard impacts GitLab EE Denial of Service issue in Grape API JSON parsing middleware impacts GitLab CE/EE HTML injection issue in certain group setting fields...

8.7CVSS5.4AI score0.0037EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.41 views

GitLab 15.5 < 18.10.8 / 18.11 < 18.11.5 / 19.0 < 19.0.2 (CVE-2026-6552)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - GitLab has remediated an issue in GitLab EE affecting all versions from 15.5 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an...

8.7CVSS5.4AI score0.00278EPSS
Exploits0References5
OSV
OSV
added 2022/06/06 5:5 p.m.32 views

CVE-2022-1680

An account takeover issue has been discovered in GitLab EE affecting all versions starting from 11.10 before 14.9.5, all versions starting from 14.10 before 14.10.4, all versions starting from 15.0 before 15.0.1. When group SAML SSO is configured, the SCIM feature available only on Premium+...

9.9CVSS6.6AI score0.15471EPSS
Exploits0References4
Rows per page
Query Builder