CVE-2026-5796

GitLab CE/EE contains a fixed vulnerability (CVE-2026-5796) that could allow an authenticated user with Reporter-level group permissions to view package metadata from projects when the Package Registry is disabled. Affected versions include all 13.6.x prior to 18.11.6, 19.0.x prior to 19.0.3, and...

EUVD-2026-39174

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.6 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an authenticated user with Reporter-level group permissions to view package metadata from projects with the...

CVE-2023-3964

Removed by vendor...

PT-2023-27043 · Gitlab · Gitlab

Name of the Vulnerable Software and Affected Versions: GitLab versions 13.2 through 16.4.2 GitLab versions 16.5 through 16.5.2 GitLab versions 16.6 through 16.6.0 Description: An issue has been discovered in GitLab, allowing users to access composer packages on public projects that have package...

GitLab Security Breach

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery, and other features. A security vulnerability exists in GitLab that stems from a user being able to...