Gitlab

GitLab

1271 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2025-6601

Exploit
  • EPSS 0.02%
  • Veröffentlicht 27.10.2025 00:06:04
  • Zuletzt bearbeitet 28.10.2025 13:38:59

GitLab has remediated an issue in GitLab EE affecting all versions from 18.4 before 18.4.3, and 18.5 before 18.5.1 that under certain conditions could have allowed authenticated users to gain unauthorized project access by exploiting the access reque...

7.5

CVE-2025-10497

Exploit
  • EPSS 0.05%
  • Veröffentlicht 27.10.2025 00:05:39
  • Zuletzt bearbeitet 27.10.2025 17:43:17

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.10 before 18.3.5, 18.4 before 18.4.3, and 18.5 before 18.5.1 that could have allowed an unauthenticated attacker to cause a denial of service condition by sending specially...

6.5

CVE-2025-11971

  • EPSS 0.02%
  • Veröffentlicht 27.10.2025 00:05:34
  • Zuletzt bearbeitet 28.10.2025 13:47:55

GitLab has remediated an issue in GitLab EE affecting all versions from 10.6 before 18.3.5, 18.4 before 18.4.3, and 18.5 before 18.5.1 that could have allowed an authenticated attacker to trigger unauthorized pipeline executions by manipulating commi...

6.5

CVE-2025-11974

  • EPSS 0.05%
  • Veröffentlicht 27.10.2025 00:05:24
  • Zuletzt bearbeitet 28.10.2025 13:44:57

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.7 before 18.3.5, 18.4 before 18.4.3, and 18.5 before 18.5.1 that could have allowed an unauthenticated attacker to create a denial of service condition by uploading large f...

7.5

CVE-2025-11447

Exploit
  • EPSS 0.05%
  • Veröffentlicht 27.10.2025 00:05:19
  • Zuletzt bearbeitet 27.10.2025 17:40:28

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.0 before 18.3.5, 18.4 before 18.4.3, and 18.5 before 18.5.1 that could have allowed an unauthenticated attacker to cause a denial of service condition by sending GraphQL re...

8.1

CVE-2025-11989

  • EPSS 0.01%
  • Veröffentlicht 26.10.2025 23:33:50
  • Zuletzt bearbeitet 28.10.2025 13:38:41

GitLab has remediated an issue in GitLab EE affecting all versions from 17.6.0 before 18.3.5, 18.4 before 18.4.3, and 18.5 before 18.5.1 that could have allowed an authenticated attacker to execute unauthorized quick actions by including malicious co...

7.5

CVE-2025-10004

Exploit
  • EPSS 0.06%
  • Veröffentlicht 09.10.2025 12:04:30
  • Zuletzt bearbeitet 20.10.2025 20:57:04

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.12 to 18.2.8, 18.3 to 18.3.4, and 18.4 to 18.4.2 that could make the GitLab instance unresponsive or severely degraded by sending crafted GraphQL queries requesting large r...

7.7

CVE-2025-11340

  • EPSS 0.02%
  • Veröffentlicht 09.10.2025 12:04:20
  • Zuletzt bearbeitet 20.10.2025 21:00:37

GitLab has remediated an issue in GitLab EE affecting all versions from 18.3 to 18.3.4, 18.4 to 18.4.2 that, under certain conditions, could have allowed authenticated users with read-only API tokens to perform unauthorized write operations on vulner...

6.5

CVE-2025-2934

Exploit
  • EPSS 0.14%
  • Veröffentlicht 09.10.2025 11:33:43
  • Zuletzt bearbeitet 20.10.2025 21:01:34

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 5.2 prior to 18.2.8, 18.3 prior to 18.3.4, and 18.4 prior to 18.4.2 that could have allowed an authenticated attacker to create a denial of service condition by configuring ma...

7.5

CVE-2025-8014

  • EPSS 0.24%
  • Veröffentlicht 27.09.2025 17:15:33
  • Zuletzt bearbeitet 03.10.2025 18:23:37

Denial of Service issue in GraphQL endpoints in Gitlab EE/CE affecting all versions from 11.10 prior to 18.2.7, 18.3 prior to 18.3.3, and 18.4 prior to 18.4.1 allows unauthenticated users to potentially bypass query complexity limits leading to resou...