Tag: GitLab

Overview. A vulnerability (CVE-2026-5173) was reported in the GitLab product that allows server-side method calls due to lack of WebSocket access control. Affected Versions. GitLab CE/EE versions 16.9.6 and above but below 18.8.9 are affected. GitLab CE/EE versions 18.9 and above but below 18.9.5 are affected. GitLab CE/EE versions 18.10

Summary. Cross-site request forgery in the GraphQL API (CVE-2026-4922), cross-site scripting in Storybook (CVE-2026-5262), and poor path equivalence handling in Web IDE assets (CVE-2026-5816) have been announced in GitLab CE/EE. affected products span multiple 16.x-18.x version bands, with specific version ranges for each vulnerability. the vulnerabilities are resolved through updates

overview We have released security updates that address vulnerabilities in GitLab products. users of affected products are encouraged to update to the latest version. affected products CVE-2025-12664 GitLab CE/EE Version: 13.0 and above but below 18.8.9GitLab CE/EE Versions: 18.9 and above but below 18.9.5GitLab CE/EE Version: 18.10 or later but

overview We have released security updates to address vulnerabilities in GitLab products. users of affected products are encouraged to update to the latest version. affected products CVE-2026-2370 GitLab CE/EE Versions: 14.3 and above but below 18.8.7GitLab CE/EE Versions: 18.9 and later but not earlier than 18.9.3GitLab CE/EE version: 18.10 or

overview We have released security updates to address vulnerabilities in GitLab products. users of affected products are encouraged to update to the latest version. affected products CVE-2026-2995 GitLab EE Version: 15.4 and above but below 18.8.7GitLab EE Version: 18.9 and above but below 18.9.3GitLab EE version: 18.10 or later but

Overview   GitLab has released security updates to fix vulnerabilities in its products. Users of affected products are advised to update to the latest version.     Affected Products   CVE-2025-13929   GitLab CE/EE versions: 10.0 and above but below 18.7.6GitLab CE/EE versions: 18.8 and above but below 18.8.6GitLab CE/EE versions:

Overview   GitLab has released security updates to fix vulnerabilities in its products. Users of affected products are advised to update to the latest version.     Affected Products   CVE-2025-14511   GitLab CE/EE versions: 12.2 and above but below 18.7.5GitLab CE/EE versions: 18.8 and above but below 18.8.5GitLab CE/EE

Overview   We have released security updates to fix vulnerabilities in GitLab products. Users of affected products are advised to update to the latest version.    Affected Products   CVE-2026-0595   GitLab CE/EE Versions: 13.9 and above but below 18.6.6GitLab CE/EE Versions: 18.7 and above but below 18.7.4GitLab CE/EE versions:

Overview   We have released security updates to fix vulnerabilities in GitLab products. Users of affected products are advised to update to the latest version.    Affected Products   CVE-2026-0723   GitLab CE/EE Versions: 18.6 and later but not earlier than 18.6.4GitLab CE/EE Versions: 18.7 and above but below 18.7.2GitLab

Overview   We have released security updates to fix vulnerabilities in GitLab products. Users of affected products are advised to update to the latest version.    Affected Products   CVE-2025-13927   GitLab CE/EE Versions: 11.9 and above but below 18.6.4GitLab CE/EE Versions: 18.7 and above but below 18.7.2GitLab CE/EE versions: