GitLab Multiple Vulnerabilities
Release Date: 15 May 2026
RISK: Medium Risk
TYPE: Servers - Other Servers
Multiple vulnerabilities were identified in GitLab. A remote attacker could exploit some of these vulnerabilities to trigger cross-site scripting, a denial of service condition, remote code execution, sensitive information disclosure, security restriction bypass and data manipulation on the targeted system.
Impact
- Cross-Site Scripting
- Denial of Service
- Remote Code Execution
- Security Restriction Bypass
- Information Disclosure
- Data Manipulation
System / Technologies affected
- GitLab Community Edition (CE) versions prior to 18.9.7, 18.10.6, 18.11.3
- GitLab Enterprise Edition (EE) versions prior to 18.9.7, 18.10.6, 18.11.3
Solutions
Before installing the software, please visit the vendor website for more details.
Apply fixes issued by the vendor:
Vulnerability Identifier
- CVE-2025-12669
- CVE-2025-13874
- CVE-2025-14869
- CVE-2025-14870
- CVE-2026-1184
- CVE-2026-1322
- CVE-2026-1338
- CVE-2026-1659
- CVE-2026-2900
- CVE-2026-3073
- CVE-2026-3074
- CVE-2026-3160
- CVE-2026-3607
- CVE-2026-4524
- CVE-2026-4527
- CVE-2026-5297
- CVE-2026-6063
- CVE-2026-6073
- CVE-2026-6335
- CVE-2026-6883
- CVE-2026-7377
- CVE-2026-7471
- CVE-2026-7481
- CVE-2026-8144
- CVE-2026-8280