GitLab 18.6.0 Enterprise Edition
Approved changes feed: RSS · Atom
cpe:2.3:a:gitlab:gitlab:18.6.0:*:*:*:enterprise:*:*:*
part: a version: 18.6.0 update: *
| Vendor | Gitlab (57573e99-56e6-5fad-895e-0ce7fffc5b90) |
|---|---|
| Product | Gitlab (5414fcda-a172-5f72-b6e4-b415a19d21eb) |
| Edition | * |
| Language | * |
| Software edition | enterprise |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:gitlab/gitlab-org/gitlab |
purl2cpe | 2026-06-01 10:14:46.352486 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-7449 |
vulnerable | 2026-06-03 15:12:31.287832 |
Allocation of Resources Without Limits or Throttling in GitLab
MEDIUM (6.5)
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 8.3 before 18.4.5, 18.5 before 18.5.3, and 18.6 before 18.6.1 that could have allowed an authenticated user with specific permissions to cause a denial of service condition through HTTP response processing.
Published: 2025-11-26T19:46:32.641Z
Updated: 2025-12-10T23:01:24.555Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-6195 |
vulnerable | 2026-06-03 15:12:26.955871 |
Direct Request ('Forced Browsing') in GitLab
MEDIUM (4.3)
GitLab has remediated an issue in GitLab EE affecting all versions from 13.7 before 18.4.5, 18.5 before 18.5.3, and 18.6 before 18.6.1 that could have allowed an authenticated user to view information from security reports under certain configuration conditions.
Published: 2025-11-26T19:46:42.649Z
Updated: 2025-12-10T23:01:24.471Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-13611 |
vulnerable | 2026-06-03 14:58:46.578164 |
Insertion of Sensitive Information into Log File in GitLab
LOW (2)
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.2 before 18.5.5 and 18.6 before 18.6.3 that could have allowed an authenticated user with access to certain logs to obtain sensitive tokens under specific conditions.
Published: 2025-11-26T19:45:57.778Z
Updated: 2026-03-31T11:46:48.585Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-12653 |
vulnerable | 2026-06-03 14:58:44.676631 |
Authentication Bypass by Spoofing in GitLab
MEDIUM (6.5)
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.3 before 18.4.5, 18.5 before 18.5.3, and 18.6 before 18.6.1 that under specific conditions could have allowed an unauthenticated user to join arbitrary organizations by changing headers on some requests.
Published: 2025-11-26T19:46:12.641Z
Updated: 2025-12-10T23:01:24.241Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-12571 |
vulnerable | 2026-06-03 14:58:44.547340 |
Allocation of Resources Without Limits or Throttling in GitLab
HIGH (7.5)
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.10 before 18.4.5, 18.5 before 18.5.3, and 18.6 before 18.6.1 that could have allowed an unauthenticated user to cause a Denial of Service condition by sending specifically crafted requests containing malicious JSON payloads.
Published: 2025-11-26T19:46:17.647Z
Updated: 2025-12-10T23:01:24.090Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.