Gitlab

Gitlab

1247 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.7

CVE-2025-9958

  • EPSS 0.01%
  • Veröffentlicht 26.09.2025 09:15:49
  • Zuletzt bearbeitet 06.11.2025 18:15:45

An issue has been discovered in GitLab CE/EE affecting all versions from 14.10 before 18.2.7, 18.3 before 18.3.3, and 18.4 before 18.4.1, that could have allowed Guest users to access sensitive information stored in virtual registry configurations.

8.8

CVE-2025-7691

  • EPSS 0.01%
  • Veröffentlicht 26.09.2025 09:15:48
  • Zuletzt bearbeitet 29.09.2025 13:10:00

A privilege escalation issue has been discovered in GitLab EE affecting all versions from 16.6 prior to 18.2.7, 18.3 prior to 18.3.3, and 18.4 prior to 18.4.1 that could have allowed a developer with specific group management permissions to escalate ...

6.5

CVE-2025-10867

  • EPSS 0.04%
  • Veröffentlicht 26.09.2025 09:15:31
  • Zuletzt bearbeitet 29.09.2025 13:09:42

An issue has been discovered in GitLab CE/EE affecting all versions from 18.1 before 18.2.7, 18.3 before 18.3.3, and 18.4 before 18.4.1 that could have allowed an authenticated user to create a denial-of-service condition by exploiting an unprotected...

7.2

CVE-2025-10871

  • EPSS 0.02%
  • Veröffentlicht 26.09.2025 09:15:31
  • Zuletzt bearbeitet 29.09.2025 13:09:51

An issue has been discovered in GitLab EE affecting all versions from 16.6 before 18.2.7, 18.3 before 18.3.3, and 18.4 before 18.4.1. Project Maintainers can exploit a vulnerability where they can assign custom roles to users with permissions exceedi...

7.5

CVE-2025-10858

  • EPSS 0.05%
  • Veröffentlicht 26.09.2025 09:15:30
  • Zuletzt bearbeitet 29.09.2025 13:09:35

An issue was discovered in GitLab CE/EE affecting all versions before 18.2.7, 18.3 before 18.3.3, and 18.4 before 18.4.1 that allows unauthenticated users to cause a Denial of Service (DoS) condition while uploading specifically crafted large JSON fi...

4.3

CVE-2025-6769

  • EPSS 0.02%
  • Veröffentlicht 12.09.2025 06:15:43
  • Zuletzt bearbeitet 20.09.2025 02:55:46

An issue has been discovered in GitLab CE/EE affecting all versions from 15.1 before 18.1.6, 18.2 before 18.2.6, and 18.3 before 18.3.2 that could have allowed authenticated users to view administrator-only maintenance notes by accessing runner detai...

6.5

CVE-2025-7337

  • EPSS 0.06%
  • Veröffentlicht 12.09.2025 06:15:43
  • Zuletzt bearbeitet 20.09.2025 02:55:16

An issue has been discovered in GitLab CE/EE affecting all versions from 7.8 before 18.1.6, 18.2 before 18.2.6, and 18.3 before 18.3.2 that could have allowed an authenticated user with Developer-level access to cause a persistent denial of service a...

6.5

CVE-2025-1250

  • EPSS 0.06%
  • Veröffentlicht 12.09.2025 06:15:42
  • Zuletzt bearbeitet 20.09.2025 02:56:35

An issue has been discovered in GitLab CE/EE affecting all versions from 15.0 before 18.1.6, 18.2 before 18.2.6, and 18.3 before 18.3.2 that could have allowed an authenticated user to stall background job processing by sending specially crafted comm...

7.5

CVE-2025-2256

  • EPSS 0.05%
  • Veröffentlicht 12.09.2025 06:15:42
  • Zuletzt bearbeitet 20.09.2025 02:56:22

An issue has been discovered in GitLab CE/EE affecting all versions from 7.12 before 18.1.6, 18.2 before 18.2.6, and 18.3 before 18.3.2 that could have allowed unauthorized users to render the GitLab instance unresponsive to legitimate users by sendi...

8.8

CVE-2025-6454

  • EPSS 0.02%
  • Veröffentlicht 12.09.2025 06:15:42
  • Zuletzt bearbeitet 20.09.2025 02:56:00

An issue has been discovered in GitLab CE/EE affecting all versions from 16.11 before 18.1.6, 18.2 before 18.2.6, and 18.3 before 18.3.2 that could have allowed authenticated users to make unintended internal requests through proxy environments by in...