Gitlab

1222 vulnerabilities found.

Note: This list may be incomplete. Data is provided without warranty in its original format.
  • EPSS 0.75%
  • Published 12.02.2025 15:15:15
  • Last modified 06.08.2025 18:48:03

An XSS vulnerability exists in GitLab CE/EE affecting all versions from 13.3 prior to 17.6.5, 17.7 prior to 17.7.4 and 17.8 prior to 17.8.2 that allows an attacker to execute unauthorized actions via a change page.

Exploit
  • EPSS 0.15%
  • Published 12.02.2025 15:15:12
  • Last modified 06.08.2025 20:17:22

A denial of service vulnerability in GitLab CE/EE affecting all versions from 14.1 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 allows an attacker to impact the availability of GitLab via unbounded symbol creation via the scopes pa...

  • EPSS 0.28%
  • Published 07.02.2025 15:15:16
  • Last modified 14.08.2025 19:24:54

An issue has been discovered in the gitlab-web-ide-vscode-fork component distributed over CDN affecting all versions prior to 1.89.1-1.0.0-dev-20241118094343 and used by all versions of GitLab CE/EE starting from 15.11 prior to 17.3 and which also tem...

  • EPSS 0.38%
  • Published 07.02.2025 04:15:07
  • Last modified 06.08.2025 20:11:21

A Denial of Service (DoS) issue has been discovered in GitLab CE/EE affecting all versions starting from 7.14.1 prior to 17.3.7, 17.4 prior to 17.4.4, and 17.5 prior to 17.5.2. A denial of service could occur upon importing maliciously crafted conten...

  • EPSS 4.4%
  • Published 05.02.2025 13:15:22
  • Last modified 06.08.2025 20:17:38

An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.7 prior to 16.9.7, starting from 16.10 prior to 16.10.5, and starting from 16.11 prior to 16.11.2. It was possible for an attacker to cause a denial of service by cr...

  • EPSS 0.03%
  • Published 05.02.2025 12:15:27
  • Last modified 06.08.2025 18:59:35

An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.0 prior to 16.9.7, starting from 16.10 prior to 16.10.5, and starting from 16.11 prior to 16.11.2. It was possible to disclose via the UI the confidential issues tit...

Exploit
  • EPSS 0.05%
  • Published 05.02.2025 11:15:17
  • Last modified 06.08.2025 18:51:54

An issue was discovered in GitLab CE/EE affecting all versions prior to 16.11.6, starting from 17.0 prior to 17.0.4, and starting from 17.1 prior to 17.1.2, which allows a subdomain takeover in GitLab Pages.

Exploit
  • EPSS 0.09%
  • Published 05.02.2025 11:15:17
  • Last modified 06.08.2025 18:54:11

An issue was discovered in GitLab CE/EE affecting all versions starting from 13.6 prior to 17.2.9, starting from 17.3 prior to 17.3.5, and starting from 17.4 prior to 17.4.2, where viewing diffs of MR with conflicts can be slow.

  • EPSS 0.99%
  • Published 05.02.2025 10:15:22
  • Last modified 05.08.2025 21:03:00

A denial of service vulnerability was identified in GitLab CE/EE, affecting all versions from 15.11 prior to 16.6.7, 16.7 prior to 16.7.5 and 16.8 prior to 16.8.2 which allows an attacker to spike the GitLab instance resource usage resulting in servi...

  • EPSS 0.03%
  • Published 05.02.2025 10:15:22
  • Last modified 06.08.2025 18:51:02

An issue has been discovered in GitLab EE affecting all versions starting from 15.2 prior to 16.9.7, starting from 16.10 prior to 16.10.5, and starting from 16.11 prior to 16.11.2. It was possible to disclose updates to issues to a banned group membe...