GitLab 17.8.0 Enterprise Edition
Approved changes feed: RSS · Atom
cpe:2.3:a:gitlab:gitlab:17.8.0:*:*:*:enterprise:*:*:*
part: a version: 17.8.0 update: *
| Vendor | Gitlab (57573e99-56e6-5fad-895e-0ce7fffc5b90) |
|---|---|
| Product | Gitlab (5414fcda-a172-5f72-b6e4-b415a19d21eb) |
| Edition | * |
| Language | * |
| Software edition | enterprise |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:gitlab/gitlab-org/gitlab |
purl2cpe | 2026-06-01 10:14:46.352307 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-0314 |
vulnerable | 2026-06-03 14:58:32.038344 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab
HIGH (8.7)
An issue has been discovered in GitLab CE/EE affecting all versions from 17.2 before 17.6.4, 17.7 before 17.7.3, and 17.8 before 17.8.1. Improper rendering of certain file types lead to cross-site scripting.
Published: 2025-01-24T02:30:44.273Z
Updated: 2025-02-12T20:41:30.754Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11931 |
vulnerable | 2026-06-03 14:54:15.148653 |
Insufficient Granularity of Access Control in GitLab
MEDIUM (6.4)
An issue has been discovered in GitLab CE/EE affecting all versions starting from 17.0 prior to 17.6.4, from 17.7 prior to 17.7.3, and from 17.8 prior to 17.8.1. Under certain conditions, it may have been possible for users with developer role to exfiltrate protected CI variables via CI lint.
Published: 2025-01-24T03:02:16.074Z
Updated: 2025-02-05T20:14:21.196Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.