Gitlab

GitLab

1271 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
3.1

CVE-2026-1751

Exploit
  • EPSS 0.01%
  • Veröffentlicht 02.02.2026 09:04:38
  • Zuletzt bearbeitet 04.02.2026 14:34:06

A vulnerability has been discovered in GitLab CE/EE affecting all versions starting with 16.8 before 18.5.0 that could have allowed unauthorized edits to merge request approval rules under certain conditions.

7.5

CVE-2025-13928

Medienbericht Exploit
  • EPSS 0.01%
  • Veröffentlicht 22.01.2026 13:34:18
  • Zuletzt bearbeitet 26.01.2026 21:08:36

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.7 before 18.6.4, 18.7 before 18.7.2, and 18.8 before 18.8.2 that could have allowed an unauthenticated user to cause a denial of service condition by exploiting incorrect a...

7.5

CVE-2025-13927

Medienbericht Exploit
  • EPSS 0.03%
  • Veröffentlicht 22.01.2026 13:34:13
  • Zuletzt bearbeitet 26.01.2026 21:07:51

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.9 before 18.6.4, 18.7 before 18.7.2, and 18.8 before 18.8.2 that could have allowed an unauthenticated user to create a denial of service condition by sending crafted reque...

7.4

CVE-2026-0723

Medienbericht Exploit
  • EPSS 0.01%
  • Veröffentlicht 22.01.2026 13:34:08
  • Zuletzt bearbeitet 26.01.2026 21:06:04

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.6 before 18.6.4, 18.7 before 18.7.2, and 18.8 before 18.8.2 that could have allowed an individual with existing knowledge of a victim's credential ID to bypass two-factor a...

7.5

CVE-2026-1102

  • EPSS 0.06%
  • Veröffentlicht 22.01.2026 13:33:53
  • Zuletzt bearbeitet 26.01.2026 21:09:33

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.3 before 18.6.4, 18.7 before 18.7.2, and 18.8 before 18.8.2 that could have allowed an unauthenticated user to create a denial of service condition by sending repeated malf...

6.5

CVE-2025-13335

Exploit
  • EPSS 0.01%
  • Veröffentlicht 22.01.2026 10:04:27
  • Zuletzt bearbeitet 26.01.2026 21:06:58

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.1 before 18.6.4, 18.7 before 18.7.2, and 18.8 before 18.8.2 that under certain circumstances could have allowed an authenticated user to create a denial of service conditio...

5.4

CVE-2025-11224

Exploit
  • EPSS 0.06%
  • Veröffentlicht 14.01.2026 18:58:03
  • Zuletzt bearbeitet 21.01.2026 21:14:32

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.10 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2 that could have allowed an authenticated user to execute stored cross-site scripting through improper input val...

5.4

CVE-2025-9222

  • EPSS 0.05%
  • Veröffentlicht 09.01.2026 10:15:47
  • Zuletzt bearbeitet 22.01.2026 17:20:15

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.2.2 before 18.5.5, 18.6 before 18.6.3, and 18.7 before 18.7.1 that could have allowed an authenticated user to achieve stored cross-site scripting by exploiting GitLab Flav...

3.5

CVE-2025-3950

  • EPSS 0.01%
  • Veröffentlicht 09.01.2026 10:15:46
  • Zuletzt bearbeitet 21.01.2026 19:19:06

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 10.3 before 18.5.5, 18.6 before 18.6.3, and 18.7 before 18.7.1 that could have allowed a user to leak certain information by referencing specially crafted images that bypass a...

9.6

CVE-2025-13761

  • EPSS 0.06%
  • Veröffentlicht 09.01.2026 10:15:45
  • Zuletzt bearbeitet 22.01.2026 17:26:37

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.6 before 18.6.3, and 18.7 before 18.7.1 that could have allowed an unauthenticated user to execute arbitrary code in the context of an authenticated user's browser by conv...