VYPR

GitLab

by GitLab Inc.

Source repositories

CVEs (1,214)

  • CVE-2026-7250HigJun 11, 2026
    risk 0.49cvss 7.5epss 0.00

    GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.10 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an unauthenticated user to cause denial of service due to improper input validation in…

  • CVE-2026-1659HigMay 14, 2026
    risk 0.49cvss 7.5epss 0.00

    GitLab has remediated an issue in GitLab CE/EE affecting all versions from 9.0 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an unauthenticated user to cause denial of service by sending specially crafted requests due to insufficient input…

  • CVE-2025-14870HigMay 14, 2026
    risk 0.49cvss 7.5epss 0.00

    GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.5 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an unauthenticated user to cause denial of service by sending specially crafted JSON payloads due to insufficient…

  • CVE-2025-14869HigMay 14, 2026
    risk 0.49cvss 7.5epss 0.00

    GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.5 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an unauthenticated user to cause denial of service by sending specially crafted payloads on certain API endpoints.

  • CVE-2026-1092HigApr 8, 2026
    risk 0.49cvss 7.5epss 0.01

    GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.10 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have allowed an unauthenticated user to cause denial of service due to improper input validation of JSON payloads.

  • CVE-2025-12664HigApr 8, 2026
    risk 0.49cvss 7.5epss 0.01

    GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.0 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have allowed an unauthenticated user to cause denial of service by sending repeated GraphQL queries.

  • CVE-2017-0919HigJul 3, 2018
    risk 0.49cvss 7.5epss 0.01

    GitLab Community and Enterprise Editions before 10.1.6, 10.2.6, and 10.3.4 are vulnerable to an authorization bypass issue in the GitLab import component resulting in an attacker being able to perform operations under a group in which they were previously unauthorized.

  • CVE-2017-0914HigMar 21, 2018
    risk 0.49cvss 7.5epss 0.01

    Gitlab Community and Enterprise Editions version 10.1, 10.2, and 10.2.4 are vulnerable to a SQL injection in the MilestoneFinder component resulting in disclosure of all data in a GitLab instance's database.

  • CVE-2026-8589HigJun 11, 2026
    risk 0.47cvss 7.3epss 0.00

    GitLab has remediated an issue in GitLab EE affecting all versions from 13.1.4 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authenticated user to add unauthorized email addresses to a targeted user's account due…

  • CVE-2026-1322MedMay 14, 2026
    risk 0.44cvss 6.8epss 0.00

    GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.0 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user with a read_api scoped OAuth application to create issues and add comments to issues in…

  • CVE-2016-9086MedNov 3, 2016
    risk 0.43cvss 6.5epss 0.05

    GitLab versions 8.9.x and above contain a critical security flaw in the "import/export project" feature of GitLab. Added in GitLab 8.9, this feature allows a user to export and then re-import their projects as tape archive files (tar). All GitLab versions prior to 8.13.0…

  • CVE-2026-1500MedJun 11, 2026
    risk 0.42cvss 6.5epss 0.00

    GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.10 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authenticated user to cause denial of service due to uncontrolled resource…

  • CVE-2026-1402MedMay 27, 2026
    risk 0.42cvss 6.5epss 0.00

    GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.1 before 18.10.7, 18.11 before 18.11.4, and 19.0 before 19.0.1 that under certain conditions could have allowed an authenticated user to cause denial of service due to insufficient validation.

  • CVE-2026-8280MedMay 14, 2026
    risk 0.42cvss 6.5epss 0.00

    GitLab has remediated an issue in GitLab CE/EE affecting all versions from 8.3 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user to cause denial of service through excessive memory consumption due to improper input…

  • CVE-2026-4527MedMay 14, 2026
    risk 0.42cvss 6.5epss 0.00

    GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.10 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an unauthenticated user to create unauthorized Jira subscriptions for a targeted user's namespace via a…

  • CVE-2026-4524MedMay 14, 2026
    risk 0.42cvss 6.5epss 0.00

    GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.9.1 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user to access confidential issue content in public projects without proper authorization due…

  • CVE-2026-1184MedMay 14, 2026
    risk 0.42cvss 6.5epss 0.00

    GitLab has remediated an issue in GitLab EE affecting all versions from 11.9 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an unauthenticated user to cause denial of service by uploading a specially crafted file due to improper validation.

  • CVE-2026-1660MedApr 22, 2026
    risk 0.42cvss 6.5epss 0.00

    GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.3 before 18.9.6, 18.10 before 18.10.4, and 18.11 before 18.11.1 that under certain conditions could have allowed an authenticated user to cause denial of service when importing issues due to improper…

  • CVE-2025-6016MedApr 22, 2026
    risk 0.42cvss 6.5epss 0.00

    GitLab has remediated an issue in GitLab CE/EE affecting all versions from 9.2 before 18.9.6, 18.10 before 18.10.4, and 18.11 before 18.11.1 that could have allowed an authenticated user to cause denial of service due to insufficient resource allocation limits when retrieving…

  • CVE-2025-3922MedApr 22, 2026
    risk 0.42cvss 6.5epss 0.00

    GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.4 before 18.9.6, 18.10 before 18.10.4, and 18.11 before 18.11.1 that could have allowed an authenticated user to cause denial of service by overwhelming system resources under certain conditions due to…

Page 2 of 61