Gitlab

GitLab

1368 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2025-12669

Exploit
  • EPSS 0.03%
  • Veröffentlicht 14.05.2026 05:38:37
  • Zuletzt bearbeitet 16.05.2026 03:38:23

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.11 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user to inject HTML and JavaScript into email notifications sent t...

4.3

CVE-2025-13874

Exploit
  • EPSS 0.01%
  • Veröffentlicht 14.05.2026 05:38:27
  • Zuletzt bearbeitet 16.05.2026 03:38:37

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.1 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user with Guest permissions to view issues in projects they were no...

7.5

CVE-2025-14869

Exploit
  • EPSS 0.03%
  • Veröffentlicht 14.05.2026 05:38:02
  • Zuletzt bearbeitet 16.05.2026 03:38:10

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.5 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an unauthenticated user to cause denial of service by sending specially crafted payl...

7.5

CVE-2025-14870

Exploit
  • EPSS 0.04%
  • Veröffentlicht 14.05.2026 05:37:32
  • Zuletzt bearbeitet 16.05.2026 03:38:00

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.5 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an unauthenticated user to cause denial of service by sending specially crafted JSON...

7.5

CVE-2026-1184

Exploit
  • EPSS 0.02%
  • Veröffentlicht 14.05.2026 05:37:02
  • Zuletzt bearbeitet 16.05.2026 03:37:47

GitLab has remediated an issue in GitLab EE affecting all versions from 11.9 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an unauthenticated user to cause denial of service by uploading a specially crafted fil...

8.1

CVE-2026-1322

Exploit
  • EPSS 0.01%
  • Veröffentlicht 14.05.2026 05:36:47
  • Zuletzt bearbeitet 16.05.2026 03:37:08

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.0 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user with a read_api scoped OAuth application to create issues and ...

4.3

CVE-2026-1338

Exploit
  • EPSS 0.01%
  • Veröffentlicht 14.05.2026 05:36:42
  • Zuletzt bearbeitet 16.05.2026 03:36:54

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.10 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user with developer-role permissions to delete protected container...

7.5

CVE-2026-1659

Exploit
  • EPSS 0.04%
  • Veröffentlicht 14.05.2026 05:36:32
  • Zuletzt bearbeitet 15.05.2026 19:58:58

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 9.0 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an unauthenticated user to cause denial of service by sending specially crafted reque...

2.7

CVE-2026-2900

Exploit
  • EPSS 0.01%
  • Veröffentlicht 14.05.2026 05:36:17
  • Zuletzt bearbeitet 16.05.2026 03:36:41

GitLab has remediated an issue in GitLab EE affecting all versions from 16.10 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that when instance-level approval rule editing prevention was enabled, could have allowed an authenticated use...

4.3

CVE-2026-3073

Exploit
  • EPSS 0.01%
  • Veröffentlicht 14.05.2026 05:36:12
  • Zuletzt bearbeitet 16.05.2026 03:36:17

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.6 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user with developer-role permissions to bypass PyPI package protect...