Lucene search
K

17 matches found

NVD
NVD
added 2026/06/25 5:16 a.m.8 views

CVE-2026-5952

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.11 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an authenticated user with developer-role permissions to bypass package protection rules and overwrite...

4.3CVSS0.00195EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/25 4:34 a.m.5 views

EUVD-2026-39173

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.11 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an authenticated user with developer-role permissions to bypass package protection rules and overwrite...

4.3CVSS5.9AI score0.00195EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.10 views

PT-2026-52206

Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 17.11 through 18.11.5 GitLab CE/EE versions 19.0 through 19.0.2 GitLab CE/EE versions 19.1 through 19.1.0 Description An incorrect authorization check allows an authenticated user with developer-role permissions to bypass...

4.3CVSS5.8AI score0.00195EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/06/05 7:37 p.m.11 views

CVE-2026-3607

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.3 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user with developer-role permissions to bypass package protection rules due to improper access control...

4.3CVSS5.5AI score0.00228EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-3607

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.3 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have...

4.3CVSS5.8AI score0.00228EPSS
Exploits0References2
NVD
NVD
added 2026/05/14 6:16 a.m.10 views

CVE-2026-3607

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.3 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user with developer-role permissions to bypass package protection rules due to improper access control...

4.3CVSS0.00228EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/05/14 6:16 a.m.12 views

CVE-2026-3607

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.3 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user with developer-role permissions to bypass package protection rules due to improper access control...

4.3CVSS5.8AI score0.00228EPSS
Exploits0References4
OSV
OSV
added 2026/05/14 6:16 a.m.4 views

UBUNTU-CVE-2026-3607

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.3 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user with developer-role permissions to bypass package protection rules due to improper access control...

4.3CVSS5.8AI score0.00228EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/05/14 5:36 a.m.12 views

CVE-2026-3073 Authorization Bypass Through User-Controlled Key in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.6 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user with developer-role permissions to bypass PyPI package protection rules and upload restricted packages due to...

4.3CVSS5.8AI score0.00218EPSS
Exploits0References3
CVE
CVE
added 2026/05/14 5:36 a.m.31 views

CVE-2026-3073

Summary: GitLab fixed an authorization issue in GitLab CE/EE. Before the patch, versions 17.6 up to (but not including) 18.9.7, 18.10 up to (but not including) 18.10.6, and 18.11 up to (but not including) 18.11.3 allowed an authenticated user with developer-role permissions to bypass PyPI package...

4.3CVSS5.8AI score0.00218EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/05/14 5:35 a.m.44 views

CVE-2026-3607

GitLab CE/EE is affected across versions 18.3–18.11 prior to the fixed releases (18.9.7, 18.10.6, and 18.11.3). An authenticated user with developer-role permissions could bypass package protection rules due to improper access control. The issue has a CVSS v3.1 base score of 4.3 (Medium), with ne...

4.3CVSS5.8AI score0.00228EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/05/14 5:35 a.m.38 views

CVE-2026-3607 Access Control Check Implemented After Asset is Accessed in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.3 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user with developer-role permissions to bypass package protection rules due to improper access control...

4.3CVSS0.00228EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/14 5:35 a.m.10 views

CVE-2026-3607

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.3 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user with developer-role permissions to bypass package protection rules due to improper access control...

4.3CVSS5.8AI score0.00228EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2026/05/14 5:35 a.m.11 views

EUVD-2026-30227

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.3 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user with developer-role permissions to bypass package protection rules due to improper access control...

4.3CVSS5.8AI score0.00228EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/05/14 5:35 a.m.9 views

CVE-2026-3607

Removed by vendor...

4.3CVSS5.8AI score0.00228EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.10 views

PT-2026-40864

Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 18.3 through 18.9.6 GitLab CE/EE versions 18.10 through 18.10.5 GitLab CE/EE versions 18.11 through 18.11.2 Description Improper access control allows an authenticated user with developer-role permissions to bypass packag...

4.3CVSS5.8AI score0.00228EPSS
Exploits0References5
Qualys Blog
Qualys Blog
added 2024/04/12 3:29 p.m.28 views

De-risk the Software Supply Chain by Expanding Unparalleled Detection Coverage With Qualys VMDR and Software Composition Analysis

QIDs/CVEs When it comes to cybersecurity, speed is key in getting an edge over attackers. But when you consider that vulnerabilities weaponize 24 days faster than then they are remediated on average, cybersecurity stakeholders have a lot of catching up to do. While there are many ways defenders c...

7AI score
Exploits0
Rows per page
Query Builder