Gitlab

Gitlab

1247 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2025-2937

Exploit
  • EPSS 0.06%
  • Veröffentlicht 13.08.2025 17:26:55
  • Zuletzt bearbeitet 15.08.2025 16:31:10

An issue has been discovered in GitLab CE/EE affecting all versions from 13.2 before 18.0.6, 18.1 before 18.1.4, and 18.2 before 18.2.2 that could have allowed authenticated users to create a denial of service condition by sending specially crafted m...

5

CVE-2025-5819

Exploit
  • EPSS 0.02%
  • Veröffentlicht 13.08.2025 17:26:45
  • Zuletzt bearbeitet 29.08.2025 17:15:36

An issue has been discovered in GitLab CE/EE affecting all versions from 15.7 before 18.0.6, 18.1 before 18.1.4, and 18.2 before 18.2.2 that could have allowed authenticated users with developer access to obtain ID tokens for protected branches under...

5.4

CVE-2025-6186

Medienbericht Exploit
  • EPSS 0.08%
  • Veröffentlicht 13.08.2025 17:26:35
  • Zuletzt bearbeitet 15.08.2025 16:33:10

An issue has been discovered in GitLab CE/EE affecting all versions from 18.1 before 18.1.4, and 18.2 before 18.2.2 that could have allowed authenticated users to achieve account takeover by injecting malicious HTML into work item names.

5.4

CVE-2025-7739

Medienbericht Exploit
  • EPSS 0.06%
  • Veröffentlicht 13.08.2025 17:26:25
  • Zuletzt bearbeitet 15.08.2025 16:33:31

An issue has been discovered in GitLab CE/EE affecting all versions from 18.2 before 18.2.2 that, under certain conditions, could have allowed authenticated users to achieve stored cross-site scripting by injecting malicious HTML content in scoped la...

5.4

CVE-2025-7734

Medienbericht Exploit
  • EPSS 0.08%
  • Veröffentlicht 13.08.2025 17:26:20
  • Zuletzt bearbeitet 15.08.2025 16:33:23

An issue has been discovered in GitLab CE/EE affecting all versions from 14.2 before 18.0.6, 18.1 before 18.1.4 and 18.2 before 18.2.2 that, under certain conditions, could have allowed a successful attacker to execute actions on behalf of users by i...

6.5

CVE-2025-8770

  • EPSS 0.02%
  • Veröffentlicht 13.08.2025 17:26:10
  • Zuletzt bearbeitet 15.08.2025 16:33:45

An issue has been discovered in GitLab EE affecting all versions from 18.0 prior to 18.0.6, 18.1 prior to 18.1.4, and 18.2 prior to 18.2.2 that could have allowed authenticated users with specific access to bypass merge request approval policies by m...

4.3

CVE-2025-0765

  • EPSS 0.02%
  • Veröffentlicht 24.07.2025 06:33:38
  • Zuletzt bearbeitet 08.08.2025 18:26:52

An issue has been discovered in GitLab CE/EE affecting all versions from 17.9 before 18.0.5, 18.1 before 18.1.3, and 18.2 before 18.2.1 that could have allowed an unauthorized user to access custom service desk email addresses.

4.3

CVE-2025-1299

  • EPSS 0.02%
  • Veröffentlicht 24.07.2025 06:33:28
  • Zuletzt bearbeitet 28.07.2025 13:23:04

An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 18.0.5, all versions starting from 18.1 before 18.1.3, all versions starting from 18.2 before 18.2.1 that, under circumstances, could have allowed an unauth...

5.3

CVE-2025-4976

  • EPSS 0.02%
  • Veröffentlicht 24.07.2025 06:05:37
  • Zuletzt bearbeitet 28.07.2025 14:14:07

An issue has been discovered in GitLab EE affecting all versions from 17.0 before 18.0.5, 18.1 before 18.1.3, and 18.2 before 18.2.1 that, under certain circumstances, could have allowed an attacker to access internal notes in GitLab Duo responses.

2.7

CVE-2025-7001

  • EPSS 0.02%
  • Veröffentlicht 24.07.2025 06:05:22
  • Zuletzt bearbeitet 28.07.2025 14:36:43

An issue has been discovered in GitLab CE/EE affecting all versions from 15.0 before 18.0.5, 18.1 before 18.1.3, and 18.2 before 18.2.1 that could have allowed priviledged users to access certain resource_group information through the API which shoul...