GitLab 17.9.0 Community Edition
Approved changes feed: RSS · Atom
cpe:2.3:a:gitlab:gitlab:17.9.0:*:*:*:community:*:*:*
part: a version: 17.9.0 update: *
| Vendor | Gitlab (57573e99-56e6-5fad-895e-0ce7fffc5b90) |
|---|---|
| Product | Gitlab (5414fcda-a172-5f72-b6e4-b415a19d21eb) |
| Edition | * |
| Language | * |
| Software edition | community |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:gitlab/gitlab-org/gitlab |
purl2cpe | 2026-06-01 10:14:46.352328 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-0475 |
vulnerable | 2026-06-03 14:58:32.285475 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab
HIGH (8.7)
An issue has been discovered in GitLab CE/EE affecting all versions from 15.10 prior to 17.7.6, 17.8 prior to 17.8.4, and 17.9 prior to 17.9.1. A proxy feature could potentially allow unintended content rendering leading to XSS under specific circumstances.
Published: 2025-03-03T10:30:47.570Z
Updated: 2025-03-03T12:07:55.921Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-8186 |
vulnerable | 2026-06-03 14:58:17.368838 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab
MEDIUM (5.4)
An issue has been discovered in GitLab CE/EE affecting all versions from 16.6 before 17.7.6, 17.8 before 17.8.4, and 17.9 before 17.9.1. An attacker could inject HMTL into the child item search potentially leading to XSS in certain situations.
Published: 2025-03-03T10:02:44.912Z
Updated: 2025-03-03T12:32:03.051Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.