39 matches found
CVE-2025-11989
GitLab has remediated an issue in GitLab EE affecting all versions from 17.6.0 before 18.3.5, 18.4 before 18.4.3, and 18.5 before 18.5.1 that could have allowed an authenticated attacker to execute unauthorized quick actions by including malicious commands in specific descriptions...
EUVD-2025-35951
GitLab has remediated an issue in GitLab EE affecting all versions from 17.6.0 before 18.3.5, 18.4 before 18.4.3, and 18.5 before 18.5.1 that could have allowed an authenticated attacker to execute unauthorized quick actions by including malicious commands in specific descriptions...
CVE-2025-11989
GitLab has remediated an issue in GitLab EE affecting all versions from 17.6.0 before 18.3.5, 18.4 before 18.4.3, and 18.5 before 18.5.1 that could have allowed an authenticated attacker to execute unauthorized quick actions by including malicious commands in specific descriptions...
GitLab 安全漏洞
GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery, and other features. A security vulnerability exists in GitLab EE versions 17.6.0 to before 18.3.5,...
CVE-2025-11989
Removed by vendor...
CVE-2025-11989 Missing Authorization in GitLab
GitLab has remediated an issue in GitLab EE affecting all versions from 17.6.0 before 18.3.5, 18.4 before 18.4.3, and 18.5 before 18.5.1 that could have allowed an authenticated attacker to execute unauthorized quick actions by including malicious commands in specific descriptions...
CVE-2025-11989
GitLab CVE-2025-11989 affects GitLab Enterprise Edition (EE) prior to patches for several tracks: 17.6.0 to before 18.3.5, 18.4 to before 18.4.3, and 18.5 to before 18.5.1. The vulnerability could allow an authenticated attacker to execute unauthorized quick actions by injecting malicious command...
CVE-2025-11989 Missing Authorization in GitLab
GitLab has remediated an issue in GitLab EE affecting all versions from 17.6.0 before 18.3.5, 18.4 before 18.4.3, and 18.5 before 18.5.1 that could have allowed an authenticated attacker to execute unauthorized quick actions by including malicious commands in specific descriptions...
CVE-2025-11989 Missing Authorization in GitLab
GitLab has remediated an issue in GitLab EE affecting all versions from 17.6.0 before 18.3.5, 18.4 before 18.4.3, and 18.5 before 18.5.1 that could have allowed an authenticated attacker to execute unauthorized quick actions by including malicious commands in specific descriptions...
GitLab 17.10 < 18.3.5 / 18.4 < 18.4.3 / 18.5 < 18.5.1 (CVE-2025-10497)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Gitlab reports: Improper access control issue in runner API impacts GitLab EE Denial of service issue in event collection impacts GitLab CE/EE Denial of service issue in JSON validation impacts GitLab...
GitLab 18.4 < 18.4.3 / 18.5 < 18.5.1 (CVE-2025-6601)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Gitlab reports: Improper access control issue in runner API impacts GitLab EE Denial of service issue in event collection impacts GitLab CE/EE Denial of service issue in JSON validation impacts GitLab...
GitLab 11.0 < 18.3.5 / 18.4 < 18.4.3 / 18.5 < 18.5.1 (CVE-2025-11447)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Gitlab reports: Improper access control issue in runner API impacts GitLab EE Denial of service issue in event collection impacts GitLab CE/EE Denial of service issue in JSON validation impacts GitLab...
GitLab 11.7 < 18.3.5 / 18.4 < 18.4.3 / 18.5 < 18.5.1 (CVE-2025-11974)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Gitlab reports: Improper access control issue in runner API impacts GitLab EE Denial of service issue in event collection impacts GitLab CE/EE Denial of service issue in JSON validation impacts GitLab...
FreeBSD : Gitlab -- vulnerabilities (f741ea93-af61-11f0-98b5-2cf05da270f3)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the f741ea93-af61-11f0-98b5-2cf05da270f3 advisory. Gitlab reports: Improper access control issue in runner API impacts GitLab EE Denial of servic...
PT-2025-43140
Name of the Vulnerable Software and Affected Versions GitLab EE versions 17.6.0 through 18.3.5 GitLab EE versions 18.4.0 through 18.4.2 GitLab EE versions 18.5.0 through 18.5.0 Description An authenticated attacker could execute unauthorized quick actions by including malicious commands in specif...
Gitlab -- vulnerabilities
Gitlab reports: Improper access control issue in runner API impacts GitLab EE Denial of service issue in event collection impacts GitLab CE/EE Denial of service issue in JSON validation impacts GitLab CE/EE Denial of service issue in upload impacts GitLab CE/EE Incorrect Authorization issue in...
EUVD-2021-26273
Malware in sbrugna...
EUVD-2022-25216
Malicious code in bioql PyPI...
CVE-2021-39917
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.9 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. A regular expression related to quick actions features was susceptible to catastrophic backtracking...
BIT-GITLAB-2021-39917
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.9 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. A regular expression related to quick actions features was susceptible to catastrophic backtracking...