Ai Gateway
Approved changes feed: RSS · Atom
cpe:2.3:a:gitlab:ai-gateway:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Gitlab (57573e99-56e6-5fad-895e-0ce7fffc5b90) |
|---|---|
| Product | Ai Gateway (7daf425a-173c-5074-9219-723b59385601) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2026-1868 |
vulnerable | 2026-06-03 15:14:45.467339 |
Improper Neutralization of Special Elements Used in a Template Engine in GitLab AI Gateway
CRITICAL (9.9)
GitLab has remediated a vulnerability in the Duo Workflow Service component of GitLab AI Gateway affecting all versions of the AI Gateway from 18.1.6, 18.2.6, 18.3.1 to 18.6.1, 18.7.0, and 18.8.0 in which AI Gateway was vulnerable to insecure template expansion of user supplied data via crafted Duo Agent Platform Flow definitions. This vulnerability could be used to cause Denial of Service or gain code execution on the Gateway. This has been fixed in versions 18.6.2, 18.7.1, and 18.8.1 of the GitLab AI Gateway.
Published: 2026-02-09T06:33:11.812Z
Updated: 2026-02-09T15:46:45.991Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.