Gitlab

Gitlab

1222 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2024-10219

Medienbericht Exploit
  • EPSS 0.03%
  • Veröffentlicht 13.08.2025 17:28:00
  • Zuletzt bearbeitet 14.08.2025 17:53:47

An issue has been discovered in GitLab CE/EE affecting all versions from 15.6 before 18.0.6, 18.1 before 18.1.4, and 18.2 before 18.2.2 that under certain conditions could have allowed authenticated users to bypass access controls and download privat...

5.5

CVE-2024-12303

Exploit
  • EPSS 0.02%
  • Veröffentlicht 13.08.2025 17:27:45
  • Zuletzt bearbeitet 15.08.2025 16:24:44

An issue has been discovered in GitLab CE/EE affecting all versions from 17.7 before 18.0.6, 18.1 before 18.1.4, and 18.2 before 18.2.2 that under certain conditions could have allowed authenticated users with specific roles and permissions to delete...

7.5

CVE-2025-1477

Exploit
  • EPSS 0.05%
  • Veröffentlicht 13.08.2025 17:27:25
  • Zuletzt bearbeitet 15.08.2025 16:24:55

An issue has been discovered in GitLab CE/EE affecting all versions from 8.14 before 18.0.6, 18.1 before 18.1.4, and 18.2 before 18.2.2 that could have allowed an unauthenticated user to create a denial of service condition by sending specially craft...

4.3

CVE-2025-2498

Exploit
  • EPSS 0.02%
  • Veröffentlicht 13.08.2025 17:27:10
  • Zuletzt bearbeitet 15.08.2025 16:25:17

An improper access control in Gitlab EE affecting all versions from 12.0 prior to 18.0.6, 18.1 prior to 18.1.4, and 18.2 prior to 18.2.2 that under certain conditions could have allowed users to view assigned issues from restricted groups by bypassin...

6.5

CVE-2025-2614

Exploit
  • EPSS 0.04%
  • Veröffentlicht 13.08.2025 17:27:00
  • Zuletzt bearbeitet 15.08.2025 16:30:52

An issue has been discovered in GitLab CE/EE affecting all versions from 11.6 before 18.0.6, 18.1 before 18.1.4, and 18.2 before 18.2.2 that could have allowed an authenticated user to cause a denial of service condition by creating specially crafted...

6.5

CVE-2025-2937

Exploit
  • EPSS 0.04%
  • Veröffentlicht 13.08.2025 17:26:55
  • Zuletzt bearbeitet 15.08.2025 16:31:10

An issue has been discovered in GitLab CE/EE affecting all versions from 13.2 before 18.0.6, 18.1 before 18.1.4, and 18.2 before 18.2.2 that could have allowed authenticated users to create a denial of service condition by sending specially crafted m...

5

CVE-2025-5819

Exploit
  • EPSS 0.02%
  • Veröffentlicht 13.08.2025 17:26:45
  • Zuletzt bearbeitet 29.08.2025 17:15:36

An issue has been discovered in GitLab CE/EE affecting all versions from 15.7 before 18.0.6, 18.1 before 18.1.4, and 18.2 before 18.2.2 that could have allowed authenticated users with developer access to obtain ID tokens for protected branches under...

5.4

CVE-2025-6186

Medienbericht Exploit
  • EPSS 0.07%
  • Veröffentlicht 13.08.2025 17:26:35
  • Zuletzt bearbeitet 15.08.2025 16:33:10

An issue has been discovered in GitLab CE/EE affecting all versions from 18.1 before 18.1.4, and 18.2 before 18.2.2 that could have allowed authenticated users to achieve account takeover by injecting malicious HTML into work item names.

5.4

CVE-2025-7739

Medienbericht Exploit
  • EPSS 0.05%
  • Veröffentlicht 13.08.2025 17:26:25
  • Zuletzt bearbeitet 15.08.2025 16:33:31

An issue has been discovered in GitLab CE/EE affecting all versions from 18.2 before 18.2.2 that, under certain conditions, could have allowed authenticated users to achieve stored cross-site scripting by injecting malicious HTML content in scoped la...

5.4

CVE-2025-7734

Medienbericht Exploit
  • EPSS 0.07%
  • Veröffentlicht 13.08.2025 17:26:20
  • Zuletzt bearbeitet 15.08.2025 16:33:23

An issue has been discovered in GitLab CE/EE affecting all versions from 14.2 before 18.0.6, 18.1 before 18.1.4 and 18.2 before 18.2.2 that, under certain conditions, could have allowed a successful attacker to execute actions on behalf of users by i...