Gitlab

Gitlab

1247 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2025-11447

Exploit
  • EPSS 0.05%
  • Veröffentlicht 27.10.2025 00:05:19
  • Zuletzt bearbeitet 27.10.2025 17:40:28

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.0 before 18.3.5, 18.4 before 18.4.3, and 18.5 before 18.5.1 that could have allowed an unauthenticated attacker to cause a denial of service condition by sending GraphQL re...

8.1

CVE-2025-11989

  • EPSS 0.01%
  • Veröffentlicht 26.10.2025 23:33:50
  • Zuletzt bearbeitet 28.10.2025 13:38:41

GitLab has remediated an issue in GitLab EE affecting all versions from 17.6.0 before 18.3.5, 18.4 before 18.4.3, and 18.5 before 18.5.1 that could have allowed an authenticated attacker to execute unauthorized quick actions by including malicious co...

7.5

CVE-2025-10004

Exploit
  • EPSS 0.05%
  • Veröffentlicht 09.10.2025 12:04:30
  • Zuletzt bearbeitet 20.10.2025 20:57:04

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.12 to 18.2.8, 18.3 to 18.3.4, and 18.4 to 18.4.2 that could make the GitLab instance unresponsive or severely degraded by sending crafted GraphQL queries requesting large r...

7.7

CVE-2025-11340

  • EPSS 0.02%
  • Veröffentlicht 09.10.2025 12:04:20
  • Zuletzt bearbeitet 20.10.2025 21:00:37

GitLab has remediated an issue in GitLab EE affecting all versions from 18.3 to 18.3.4, 18.4 to 18.4.2 that, under certain conditions, could have allowed authenticated users with read-only API tokens to perform unauthorized write operations on vulner...

6.5

CVE-2025-2934

Exploit
  • EPSS 0.13%
  • Veröffentlicht 09.10.2025 11:33:43
  • Zuletzt bearbeitet 20.10.2025 21:01:34

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 5.2 prior to 18.2.8, 18.3 prior to 18.3.4, and 18.4 prior to 18.4.2 that could have allowed an authenticated attacker to create a denial of service condition by configuring ma...

7.5

CVE-2025-8014

  • EPSS 0.08%
  • Veröffentlicht 27.09.2025 17:15:33
  • Zuletzt bearbeitet 03.10.2025 18:23:37

Denial of Service issue in GraphQL endpoints in Gitlab EE/CE affecting all versions from 11.10 prior to 18.2.7, 18.3 prior to 18.3.3, and 18.4 prior to 18.4.1 allows unauthenticated users to potentially bypass query complexity limits leading to resou...

7.5

CVE-2025-11042

  • EPSS 0.05%
  • Veröffentlicht 26.09.2025 10:15:47
  • Zuletzt bearbeitet 29.09.2025 13:11:50

An issue was discovered in GitLab CE/EE affecting all versions starting from 17.2 before 18.2.7, 18.3 before 18.3.3, and 18.4 before 18.4.1, that allows an attacker to cause uncontrolled CPU consumption, potentially leading to a Denial of Service (Do...

6.5

CVE-2025-5069

  • EPSS 0.01%
  • Veröffentlicht 26.09.2025 10:15:47
  • Zuletzt bearbeitet 29.09.2025 13:12:20

An issue has been discovered in GitLab CE/EE affecting all versions from 17.10 before 18.2.7, 18.3 before 18.3.3, and 18.4 before 18.4.1 that could have allowed an authenticated user to gain unauthorized access to confidential issues by creating a pr...

5.3

CVE-2025-10868

  • EPSS 0.02%
  • Veröffentlicht 26.09.2025 10:15:46
  • Zuletzt bearbeitet 29.09.2025 13:11:31

An issue has been discovered in GitLab CE/EE affecting all versions from 17.4 before 18.2.7, 18.3 before 18.3.3, and 18.4 before 18.4.1 where certain string conversion methods exhibit performance degradation with large inputs.

9.6

CVE-2025-9642

  • EPSS 0.06%
  • Veröffentlicht 26.09.2025 09:15:49
  • Zuletzt bearbeitet 29.09.2025 13:10:11

An issue has been discovered in GitLab CE/EE affecting all versions from 14.10 before 18.2.7, 18.3 before 18.3.3, and 18.4 before 18.4.1 that could allow an attacker to inject malicious content that may lead to account takeover.