Gitlab

Gitlab

1247 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2025-7000

  • EPSS 0.01%
  • Veröffentlicht 15.11.2025 08:15:46
  • Zuletzt bearbeitet 20.11.2025 21:03:40

An issue has been discovered in GitLab CE/EE affecting all versions from 17.6 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2, that, under specific conditions, could have allowed unauthorized users to view confidential branch names by acc...

3.5

CVE-2025-11990

  • EPSS 0.02%
  • Veröffentlicht 15.11.2025 08:15:45
  • Zuletzt bearbeitet 19.11.2025 17:55:22

GitLab has remediated an issue in GitLab EE affecting all versions from 18.4 before 18.4.4, and 18.5 before 18.5.2 that could have allowed an authenticated user to gain CSRF tokens by exploiting improper input validation in repository references comb...

6.5

CVE-2025-2615

  • EPSS 0.01%
  • Veröffentlicht 15.11.2025 08:15:45
  • Zuletzt bearbeitet 19.11.2025 17:46:27

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.7 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2, that could have allowed a blocked user to access sensitive information by establishing GraphQL subscriptions t...

5.3

CVE-2025-11865

  • EPSS 0.01%
  • Veröffentlicht 15.11.2025 08:15:43
  • Zuletzt bearbeitet 19.11.2025 17:59:17

An issue has been discovered in GitLab EE affecting all versions from 18.1 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2 that, under certain circumstances, could have allowed an attacker to remove Duo flows of another user.

6.5

CVE-2025-12983

Exploit
  • EPSS 0.02%
  • Veröffentlicht 15.11.2025 08:13:32
  • Zuletzt bearbeitet 19.11.2025 19:44:25

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.9 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2 that could have allowed an authenticated attacker to cause a denial of service condition by submitting specially...

8.8

CVE-2025-11702

Exploit
  • EPSS 0.01%
  • Veröffentlicht 29.10.2025 07:04:52
  • Zuletzt bearbeitet 03.11.2025 18:32:41

GitLab has remediated an issue in EE affecting all versions from 17.1 before 18.3.5, 18.4 before 18.4.3, and 18.5 before 18.5.1 that could have allowed an authenticated attacker with specific permissions to hijack project runners from other projects.

6.5

CVE-2025-6601

Exploit
  • EPSS 0.02%
  • Veröffentlicht 27.10.2025 00:06:04
  • Zuletzt bearbeitet 28.10.2025 13:38:59

GitLab has remediated an issue in GitLab EE affecting all versions from 18.4 before 18.4.3, and 18.5 before 18.5.1 that under certain conditions could have allowed authenticated users to gain unauthorized project access by exploiting the access reque...

7.5

CVE-2025-10497

Exploit
  • EPSS 0.05%
  • Veröffentlicht 27.10.2025 00:05:39
  • Zuletzt bearbeitet 27.10.2025 17:43:17

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.10 before 18.3.5, 18.4 before 18.4.3, and 18.5 before 18.5.1 that could have allowed an unauthenticated attacker to cause a denial of service condition by sending specially...

6.5

CVE-2025-11971

  • EPSS 0.01%
  • Veröffentlicht 27.10.2025 00:05:34
  • Zuletzt bearbeitet 28.10.2025 13:47:55

GitLab has remediated an issue in GitLab EE affecting all versions from 10.6 before 18.3.5, 18.4 before 18.4.3, and 18.5 before 18.5.1 that could have allowed an authenticated attacker to trigger unauthorized pipeline executions by manipulating commi...

6.5

CVE-2025-11974

  • EPSS 0.04%
  • Veröffentlicht 27.10.2025 00:05:24
  • Zuletzt bearbeitet 28.10.2025 13:44:57

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.7 before 18.3.5, 18.4 before 18.4.3, and 18.5 before 18.5.1 that could have allowed an unauthenticated attacker to create a denial of service condition by uploading large f...