Gitlab

Gitlab

1222 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8

CVE-2025-6948

  • EPSS 0.06%
  • Published 10.07.2025 08:30:39
  • Last modified 25.07.2025 16:42:31

An issue has been discovered in GitLab CE/EE affecting all versions from 17.11 before 17.11.6, 18.0 before 18.0.4, and 18.1 before 18.1.2 that, under certain conditions, could have allowed a successful attacker to execute actions on behalf of users b...

5.3

CVE-2025-1754

  • EPSS 0.05%
  • Published 26.06.2025 05:31:40
  • Last modified 12.08.2025 14:41:54

An issue has been discovered in GitLab CE/EE affecting all versions from 17.2 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed unauthenticated attackers to upload arbitrary files to public projects by sending crafted...

8.8

CVE-2025-2938

  • EPSS 0.01%
  • Published 26.06.2025 05:31:30
  • Last modified 12.08.2025 14:42:33

An issue has been discovered in GitLab CE/EE affecting all versions from 17.3 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed authenticated users to gain elevated project privileges by requesting access to projects ...

6.5

CVE-2025-3279

  • EPSS 0.06%
  • Published 26.06.2025 05:31:25
  • Last modified 12.08.2025 14:42:56

An issue has been discovered in GitLab CE/EE affecting all versions from 10.7 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed authenticated attackers to create a DoS condition by sending crafted GraphQL requests.

4.3

CVE-2025-5315

  • EPSS 0.01%
  • Published 26.06.2025 05:31:15
  • Last modified 12.08.2025 14:43:14

An issue has been discovered in GitLab CE/EE affecting all versions from 17.2 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed authenticated users with Guest role permissions to add child items to incident work items...

4.3

CVE-2025-5846

  • EPSS 0.02%
  • Published 26.06.2025 05:31:05
  • Last modified 12.08.2025 14:44:01

An issue has been discovered in GitLab EE affecting all versions from 16.10 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed authenticated users to assign unrelated compliance frameworks to projects by sending crafte...

3.1

CVE-2023-5600

Exploit
  • EPSS 0.04%
  • Published 20.06.2025 19:31:08
  • Last modified 12.08.2025 14:52:25

An issue has been discovered in GitLab EE affecting all versions starting from 16.0 before 16.3.6, all versions starting from 16.4 before 16.4.2, all versions starting from 16.5 before 16.5.1. Arbitrary access to the titles of an private specific ref...

8.1

CVE-2024-4994

Exploit
  • EPSS 0.04%
  • Published 20.06.2025 18:14:37
  • Last modified 12.08.2025 14:52:02

An issue has been discovered in GitLab CE/EE affecting all versions from 16.1.0 before 16.11.5, all versions starting from 17.0 before 17.0.3, all versions starting from 17.1.0 before 17.1.1 which allowed for a CSRF attack on GitLab's GraphQL API lea...

7.5

CVE-2024-4025

  • EPSS 0.17%
  • Published 20.06.2025 18:14:33
  • Last modified 12.08.2025 14:51:39

A Denial of Service (DoS) condition has been discovered in GitLab CE/EE affecting all versions from 7.10 prior before 16.11.5, version 17.0 before 17.0.3, and 17.1 before 17.1.1. It is possible for an attacker to cause a denial of service using a cra...

6.1

CVE-2025-2443

  • EPSS 0.04%
  • Published 20.06.2025 17:12:54
  • Last modified 12.08.2025 14:50:31

An issue has been discovered in GitLab EE that allows for cross-site-scripting attack and content security policy bypass in a user's browser under specific conditions, affecting all versions from 16.6 before 17.9.7, 17.10 before 17.10.5, and 17.11 be...