CVE-2024-6356
- EPSS 0.04%
- Published 05.02.2025 10:15:22
- Last modified 06.08.2025 18:51:24
An issue was discovered in GitLab EE affecting all versions starting from 16.0 prior to 17.0.6, starting from 17.1 prior to 17.1.4, and starting from 17.2 prior to 17.2.2, which allowed cross project access for Security policy bot.
CVE-2023-6195
- EPSS 0.03%
- Published 31.01.2025 00:15:08
- Last modified 05.08.2025 20:55:28
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.5 prior to 16.9.7, starting from 16.10 prior to 16.10.5, and starting from 16.11 prior to 16.11.2. GitLab was vulnerable to Server Side Request Forgery when an attac...
CVE-2024-1211
- EPSS 0.02%
- Published 31.01.2025 00:15:08
- Last modified 05.08.2025 20:57:34
An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.6 prior to 16.9.7, starting from 16.10 prior to 16.10.5, and starting from 16.11 prior to 16.11.2 in which cross-site request forgery may have been possible on GitLa...
CVE-2025-0290
- EPSS 0.02%
- Published 28.01.2025 09:15:09
- Last modified 05.08.2025 20:45:33
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.0 prior to 17.5.5, from 17.6 prior to 17.6.3, and from 17.7 prior to 17.7.1. Under certain conditions, processing of CI artifacts metadata could cause background job...
CVE-2025-0314
- EPSS 0.89%
- Published 24.01.2025 03:15:07
- Last modified 05.08.2025 20:41:24
An issue has been discovered in GitLab CE/EE affecting all versions from 17.2 before 17.6.4, 17.7 before 17.7.3, and 17.8 before 17.8.1. Improper rendering of certain file types leads to cross-site scripting.
CVE-2024-11931
- EPSS 0.02%
- Published 24.01.2025 03:15:06
- Last modified 05.08.2025 19:57:08
An issue has been discovered in GitLab CE/EE affecting all versions starting from 17.0 prior to 17.6.4, from 17.7 prior to 17.7.3, and from 17.8 prior to 17.8.1. Under certain conditions, it may have been possible for users with developer role to exf...
CVE-2024-13041
- EPSS 0.03%
- Published 09.01.2025 07:15:26
- Last modified 05.08.2025 15:12:48
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.4 prior to 17.5.5, starting from 17.6 prior to 17.6.3, and starting from 17.7 prior to 17.7.1. When a user is created via the SAML provider, the external groups setting o...
CVE-2024-6324
- EPSS 0.15%
- Published 09.01.2025 06:15:15
- Last modified 05.08.2025 15:21:23
An issue was discovered in GitLab CE/EE affecting all versions starting from 15.7 prior to 17.5.5, starting from 17.6 prior to 17.6.3, and starting from 17.7 prior to 17.7.1. It was possible to trigger a DoS by creating cyclic references between epic...
CVE-2024-12431
- EPSS 0.05%
- Published 08.01.2025 21:15:11
- Last modified 05.08.2025 15:25:30
An issue was discovered in GitLab CE/EE affecting all versions starting from 15.5 before 17.5.5, 17.6 before 17.6.3, and 17.7 before 17.7.1, in which unauthorized users could manipulate the status of issues in public projects.
CVE-2025-0194
- EPSS 0.05%
- Published 08.01.2025 20:15:29
- Last modified 11.07.2025 20:34:44
An issue was discovered in GitLab CE/EE affecting all versions starting from 17.4 prior to 17.5.5, starting from 17.6 prior to 17.6.3, and starting from 17.7 prior to 17.7.1. Under certain conditions, access tokens may have been logged when API reque...