Gitlab

Gitlab

1247 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2025-4439

  • EPSS 0.08%
  • Veröffentlicht 23.07.2025 18:09:17
  • Zuletzt bearbeitet 08.08.2025 18:27:04

An issue has been discovered in GitLab CE/EE affecting all versions from 15.10 before 18.0.5, 18.1 before 18.1.3, and 18.2 before 18.2.1 that could have allowed an authenticated user to perform cross-site scripting attacks when the instance is served...

6.1

CVE-2025-4700

  • EPSS 0.1%
  • Veröffentlicht 23.07.2025 17:33:13
  • Zuletzt bearbeitet 08.08.2025 18:26:58

An issue has been discovered in GitLab CE/EE affecting all versions from 15.10 before 18.0.5, 18.1 before 18.1.3, and 18.2 before 18.2.1 that, under specific circumstances, could have potentially allowed a successful attacker to trigger unintended co...

4.3

CVE-2025-3396

  • EPSS 0.01%
  • Veröffentlicht 10.07.2025 08:31:04
  • Zuletzt bearbeitet 25.07.2025 16:40:05

An issue has been discovered in GitLab EE affecting all versions from 13.3 before 17.11.6, 18.0 before 18.0.4, and 18.1 before 18.1.2 that could have allowed authenticated project owners to bypass group-level forking restrictions by manipulating API ...

2.7

CVE-2025-4972

  • EPSS 0.01%
  • Veröffentlicht 10.07.2025 08:30:59
  • Zuletzt bearbeitet 25.07.2025 16:40:29

An issue has been discovered in GitLab EE affecting all versions from 18.0 before 18.0.4 and 18.1 before 18.1.2 that could have allowed authenticated users with invitation privileges to bypass group-level user invitation restrictions by manipulating ...

2.7

CVE-2025-6168

  • EPSS 0.01%
  • Veröffentlicht 10.07.2025 08:30:54
  • Zuletzt bearbeitet 25.07.2025 16:41:11

An issue has been discovered in GitLab EE affecting all versions from 18.0 before 18.0.4 and 18.1 before 18.1.2 that could have allowed authenticated maintainers to bypass group-level user invitation restrictions by sending crafted API requests.

8

CVE-2025-6948

  • EPSS 0.03%
  • Veröffentlicht 10.07.2025 08:30:39
  • Zuletzt bearbeitet 25.07.2025 16:42:31

An issue has been discovered in GitLab CE/EE affecting all versions from 17.11 before 17.11.6, 18.0 before 18.0.4, and 18.1 before 18.1.2 that, under certain conditions, could have allowed a successful attacker to execute actions on behalf of users b...

5.3

CVE-2025-1754

  • EPSS 0.06%
  • Veröffentlicht 26.06.2025 05:31:40
  • Zuletzt bearbeitet 12.08.2025 14:41:54

An issue has been discovered in GitLab CE/EE affecting all versions from 17.2 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed unauthenticated attackers to upload arbitrary files to public projects by sending crafted...

8.8

CVE-2025-2938

  • EPSS 0.01%
  • Veröffentlicht 26.06.2025 05:31:30
  • Zuletzt bearbeitet 12.08.2025 14:42:33

An issue has been discovered in GitLab CE/EE affecting all versions from 17.3 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed authenticated users to gain elevated project privileges by requesting access to projects ...

6.5

CVE-2025-3279

  • EPSS 0.05%
  • Veröffentlicht 26.06.2025 05:31:25
  • Zuletzt bearbeitet 12.08.2025 14:42:56

An issue has been discovered in GitLab CE/EE affecting all versions from 10.7 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed authenticated attackers to create a DoS condition by sending crafted GraphQL requests.

4.3

CVE-2025-5315

  • EPSS 0.01%
  • Veröffentlicht 26.06.2025 05:31:15
  • Zuletzt bearbeitet 12.08.2025 14:43:14

An issue has been discovered in GitLab CE/EE affecting all versions from 17.2 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed authenticated users with Guest role permissions to add child items to incident work items...