Gitlab

Gitlab

1222 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2025-3111

  • EPSS 0.23%
  • Veröffentlicht 22.05.2025 13:30:43
  • Zuletzt bearbeitet 29.05.2025 15:58:19

An issue has been discovered in GitLab CE/EE affecting all versions from 10.2 before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. A lack of input validation in the Kubernetes integration could allow an authenticated user to cause denial of ...

7.5

CVE-2025-4979

  • EPSS 0.02%
  • Veröffentlicht 22.05.2025 13:30:28
  • Zuletzt bearbeitet 08.08.2025 18:33:20

An issue has been discovered in GitLab CE/EE affecting all versions before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. An attacker may be able to reveal masked or hidden CI variables (that they did not author) in the WebUI, by simply creat...

7.5

CVE-2024-8973

  • EPSS 0.04%
  • Veröffentlicht 09.05.2025 16:14:45
  • Zuletzt bearbeitet 08.08.2025 16:54:24

An issue has been discovered in GitLab CE/EE affecting all versions starting from 17.1 prior to 17.9.8, from 17.10 prior to 17.10.6, and from 17.11 prior to 17.11.2. It was possible to cause a DoS condition via GitHub import requests using a maliciou...

6.8

CVE-2025-0549

Exploit
  • EPSS 0.01%
  • Veröffentlicht 09.05.2025 16:13:23
  • Zuletzt bearbeitet 08.08.2025 16:54:26

An issue has been discovered in GitLab CE/EE affecting all versions starting from 17.3 prior to 17.9.8, from 17.10 prior to 17.10.6, and from 17.11 prior to 17.11.2. A security vulnerability allows attackers to bypass Device OAuth flow protections, e...

7.5

CVE-2025-1278

  • EPSS 0.01%
  • Veröffentlicht 09.05.2025 16:13:14
  • Zuletzt bearbeitet 08.08.2025 18:32:48

An issue has been discovered in GitLab CE/EE affecting all versions from 12.0 before 17.9.8, 17.10 before 17.10.6, and 17.11 before 17.11.2. Under certain conditions users could bypass IP access restrictions and view sensitive information.

4.3

CVE-2024-12244

Exploit
  • EPSS 0.02%
  • Veröffentlicht 24.04.2025 07:31:11
  • Zuletzt bearbeitet 08.08.2025 16:54:18

An issue has been discovered in access controls could allow users to view certain restricted project information even when related features are disabled in GitLab EE, affecting all versions from 17.7 prior to 17.9.7, 17.10 prior to 17.10.5, and 17.11...

7.5

CVE-2025-0639

  • EPSS 0.05%
  • Veröffentlicht 24.04.2025 07:31:06
  • Zuletzt bearbeitet 08.08.2025 16:54:20

An issue has been discovered affecting service availability via issue preview in GitLab CE/EE affecting all versions from 16.7 before 17.9.7, 17.10 before 17.10.5, and 17.11 before 17.11.1.

7.7

CVE-2025-1908

Exploit
  • EPSS 0.01%
  • Veröffentlicht 24.04.2025 07:30:51
  • Zuletzt bearbeitet 08.08.2025 16:54:22

An issue has been discovered in GitLab EE/CE that could allow an attacker to track users' browsing activities, potentially leading to full account take-over, affecting all versions from 16.6 before 17.9.7, 17.10 before 17.10.5, and 17.11 before 17.11...

6.5

CVE-2025-0362

  • EPSS 0.01%
  • Veröffentlicht 10.04.2025 14:31:17
  • Zuletzt bearbeitet 07.08.2025 18:34:06

An issue has been discovered in GitLab CE/EE affecting all versions from 7.7 before 17.8.7, 17.9 before 17.9.6, and 17.10 before 17.10.4. Under certain conditions, an attacker could potentially trick users into unintentionally authorizing sensitive a...

5.3

CVE-2025-2469

Exploit
  • EPSS 0.01%
  • Veröffentlicht 10.04.2025 13:30:43
  • Zuletzt bearbeitet 07.08.2025 18:36:58

An issue has been discovered in GitLab CE/EE affecting all versions from 17.9 before 17.9.6, and 17.10 before 17.10.4. The runtime profiling data of a specific service was accessible to unauthenticated users.