Gitlab

Gitlab

1247 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2025-2867

  • EPSS 0.02%
  • Veröffentlicht 27.03.2025 14:15:55
  • Zuletzt bearbeitet 13.08.2025 01:10:44

An issue has been discovered in the GitLab Duo with Amazon Q affecting all versions from 17.8 before 17.8.6, 17.9 before 17.9.3, and 17.10 before 17.10.1. A specifically crafted issue could manipulate AI-assisted development features to potentially e...

8

CVE-2024-9773

Exploit
  • EPSS 0.05%
  • Veröffentlicht 27.03.2025 12:31:27
  • Zuletzt bearbeitet 13.08.2025 01:20:58

An issue was discovered in GitLab EE affecting all versions starting from 14.9 before 17.8.6, all versions starting from 17.9 before 17.8.3, all versions starting from 17.10 before 17.10.1. An input validation issue in the Harbor registry integration...

5.4

CVE-2025-0811

Medienbericht Exploit
  • EPSS 0.1%
  • Veröffentlicht 27.03.2025 12:31:07
  • Zuletzt bearbeitet 13.08.2025 01:14:13

An issue has been discovered in GitLab CE/EE affecting all versions from 17.7 before 17.8.6, 17.9 before 17.9.3, and 17.10 before 17.10.1. Improper rendering of certain file types leads to cross-site scripting.

8.8

CVE-2025-2242

Medienbericht
  • EPSS 0.02%
  • Veröffentlicht 27.03.2025 12:30:57
  • Zuletzt bearbeitet 13.08.2025 01:13:26

An improper access control vulnerability in GitLab CE/EE affecting all versions from 17.4 prior to 17.8.6, 17.9 prior to 17.9.3, and 17.10 prior to 17.10.1 allows a user who was an instance admin before but has since been downgraded to a regular user...

5.4

CVE-2025-2255

Medienbericht Exploit
  • EPSS 0.1%
  • Veröffentlicht 27.03.2025 12:30:47
  • Zuletzt bearbeitet 13.08.2025 01:11:57

An issue has been discovered in Gitlab EE/CE for AppSec affecting all versions from 13.5.0 before 17.8.6, 17.9 before 17.9.3, and 17.10 before 17.10.1. Certain error messages could allow Cross-Site Scripting attacks (XSS). for AppSec.

7.4

CVE-2024-8402

Exploit
  • EPSS 0.12%
  • Veröffentlicht 13.03.2025 06:15:36
  • Zuletzt bearbeitet 08.08.2025 01:16:54

An issue was discovered in GitLab EE affecting all versions starting from 17.2 before 17.7.7, all versions starting from 17.8 before 17.8.5, all versions starting from 17.9 before 17.9.2. An input validation issue in the Google Cloud IAM integration ...

6.5

CVE-2025-0652

  • EPSS 0.03%
  • Veröffentlicht 13.03.2025 06:15:36
  • Zuletzt bearbeitet 08.08.2025 01:09:11

An issue has been discovered in GitLab EE/CE affecting all versions starting from 16.9 before 17.7.7, all versions starting from 17.8 before 17.8.5, all versions starting from 17.9 before 17.9.2 could allow unauthorized users to access confidential i...

7.5

CVE-2025-1257

  • EPSS 0.08%
  • Veröffentlicht 13.03.2025 06:15:36
  • Zuletzt bearbeitet 08.08.2025 01:07:44

An issue was discovered in GitLab EE affecting all versions starting with 12.3 before 17.7.7, 17.8 prior to 17.8.5, and 17.9 prior to 17.9.2. A vulnerability in certain GitLab instances could allow an attacker to cause a denial of service condition b...

7.5

CVE-2024-12380

  • EPSS 0.02%
  • Veröffentlicht 13.03.2025 06:15:35
  • Zuletzt bearbeitet 06.08.2025 18:33:59

An issue was discovered in GitLab EE/CE affecting all versions starting from 11.5 before 17.7.7, all versions starting from 17.8 before 17.8.5, all versions starting from 17.9 before 17.9.2. Certain user inputs in repository mirroring settings could ...

6.5

CVE-2024-13054

  • EPSS 2%
  • Veröffentlicht 13.03.2025 06:15:35
  • Zuletzt bearbeitet 06.08.2025 18:36:58

An issue was discovered in GitLab CE/EE affecting all versions before 17.7.7, 17.8 prior to 17.8.5, and 17.9 prior to 17.9.2. where a denial of service vulnerability could allow an attacker to cause a system reboot under certain conditions.