Gitlab

Gitlab

1222 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2025-8770

  • EPSS 0.02%
  • Published 13.08.2025 17:26:10
  • Last modified 15.08.2025 16:33:45

An issue has been discovered in GitLab EE affecting all versions from 18.0 prior to 18.0.6, 18.1 prior to 18.1.4, and 18.2 prior to 18.2.2 that could have allowed authenticated users with specific access to bypass merge request approval policies by m...

4.3

CVE-2025-0765

  • EPSS 0.02%
  • Published 24.07.2025 06:33:38
  • Last modified 08.08.2025 18:26:52

An issue has been discovered in GitLab CE/EE affecting all versions from 17.9 before 18.0.5, 18.1 before 18.1.3, and 18.2 before 18.2.1 that could have allowed an unauthorized user to access custom service desk email addresses.

4.3

CVE-2025-1299

  • EPSS 0.02%
  • Published 24.07.2025 06:33:28
  • Last modified 28.07.2025 13:23:04

An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 18.0.5, all versions starting from 18.1 before 18.1.3, all versions starting from 18.2 before 18.2.1 that, under circumstances, could have allowed an unauth...

5.3

CVE-2025-4976

  • EPSS 0.02%
  • Published 24.07.2025 06:05:37
  • Last modified 28.07.2025 14:14:07

An issue has been discovered in GitLab EE affecting all versions from 17.0 before 18.0.5, 18.1 before 18.1.3, and 18.2 before 18.2.1 that, under certain circumstances, could have allowed an attacker to access internal notes in GitLab Duo responses.

2.7

CVE-2025-7001

  • EPSS 0.02%
  • Published 24.07.2025 06:05:22
  • Last modified 28.07.2025 14:36:43

An issue has been discovered in GitLab CE/EE affecting all versions from 15.0 before 18.0.5, 18.1 before 18.1.3, and 18.2 before 18.2.1 that could have allowed priviledged users to access certain resource_group information through the API which shoul...

5.4

CVE-2025-4439

  • EPSS 0.06%
  • Published 23.07.2025 18:09:17
  • Last modified 08.08.2025 18:27:04

An issue has been discovered in GitLab CE/EE affecting all versions from 15.10 before 18.0.5, 18.1 before 18.1.3, and 18.2 before 18.2.1 that could have allowed an authenticated user to perform cross-site scripting attacks when the instance is served...

6.1

CVE-2025-4700

  • EPSS 0.08%
  • Published 23.07.2025 17:33:13
  • Last modified 08.08.2025 18:26:58

An issue has been discovered in GitLab CE/EE affecting all versions from 15.10 before 18.0.5, 18.1 before 18.1.3, and 18.2 before 18.2.1 that, under specific circumstances, could have potentially allowed a successful attacker to trigger unintended co...

4.3

CVE-2025-3396

  • EPSS 0.02%
  • Published 10.07.2025 08:31:04
  • Last modified 25.07.2025 16:40:05

An issue has been discovered in GitLab EE affecting all versions from 13.3 before 17.11.6, 18.0 before 18.0.4, and 18.1 before 18.1.2 that could have allowed authenticated project owners to bypass group-level forking restrictions by manipulating API ...

2.7

CVE-2025-4972

  • EPSS 0.02%
  • Published 10.07.2025 08:30:59
  • Last modified 25.07.2025 16:40:29

An issue has been discovered in GitLab EE affecting all versions from 18.0 before 18.0.4 and 18.1 before 18.1.2 that could have allowed authenticated users with invitation privileges to bypass group-level user invitation restrictions by manipulating ...

2.7

CVE-2025-6168

  • EPSS 0.02%
  • Published 10.07.2025 08:30:54
  • Last modified 25.07.2025 16:41:11

An issue has been discovered in GitLab EE affecting all versions from 18.0 before 18.0.4 and 18.1 before 18.1.2 that could have allowed authenticated maintainers to bypass group-level user invitation restrictions by sending crafted API requests.