Gitlab

Improper access control in GitLab CE/EE 16.9.6-18.10.2 enables authenticated attackers to invoke unauthorized server-side methods via websocket connections, achieving high-severity information disclosure with changed scope. Affects continuous integration/deployment platforms running vulnerable GitLab instances. Exploitation requires low-privilege authentication but no user interaction, enabling lateral information access across security boundaries.

Improper authorization checks in GitLab CE/EE versions 18.2-18.10.2 allow authenticated users with custom role permissions to demote or remove higher-privileged group members, violating role-based access control boundaries. The vulnerability requires high-privilege authentication and results only in integrity compromise (member privilege modification), not data exposure or availability loss. CVSS score of 2.7 reflects the restricted attack surface, though the reputational and operational risk of privilege escalation via role abuse warrants timely patching.

Stored cross-site scripting (XSS) in GitLab EE customizable analytics dashboards allows authenticated users to execute arbitrary JavaScript in other users' browsers due to improper input sanitization. Affected versions include 18.2-18.8.8, 18.9-18.9.4, and 18.10-18.10.2. An attacker with valid GitLab credentials can craft malicious dashboard configurations that execute when other users view the dashboard, potentially stealing session tokens, modifying visible data, or performing actions on behalf of the victim. No public exploit code or active exploitation in the wild has been confirmed; patches are available.

GitLab EE versions 18.6-18.8.8, 18.9-18.9.4, and 18.10-18.10.2 allow authenticated users with auditor role privileges to modify vulnerability flag data in private projects due to improper authorization checks. The vulnerability requires valid GitLab credentials and auditor-level access but enables unauthorized data integrity compromise within project security contexts.

GitLab CE/EE versions 18.2-18.10.2 allow authenticated users to export confidential issues assigned to other users via CSV export due to missing authorization validation. The vulnerability affects approximately three release branches with a moderate CVSS score of 4.3, limited by the requirement for prior authentication and lack of integrity impact, but represents a direct confidentiality breach in multi-tenant environments where issue classification is a security boundary.

GitLab EE versions 11.3 through 18.10.2 allow authenticated developers to modify protected environment settings through improper authorization checks in the API, enabling privilege escalation within project scope. The vulnerability requires valid developer credentials and network access but allows an attacker to alter security-critical environment configurations without appropriate permissions. CVSS 4.3 (low severity) reflects limited scope and integrity-only impact; no public exploit or active exploitation via CISA KEV has been confirmed.

Authenticated users can leak IP addresses of other users viewing Code Quality reports in GitLab EE through specially crafted malicious content injection. The vulnerability affects GitLab EE versions 18.0.0 through 18.10.2, requires user interaction (report viewing), and has been patched in versions 18.8.9, 18.9.5, and 18.10.3. No public exploit code or active exploitation has been confirmed; the vulnerability was discovered and reported through the GitLab responsible disclosure program.

Denial of service in GitLab EE 18.2-18.10 allows authenticated users to crash the GitLab instance through improper input validation in GraphQL queries. GitLab EE versions 18.2 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 are affected. An authenticated attacker with any valid GitLab account can trigger the vulnerability by submitting a malformed GraphQL query, causing the instance to become unavailable. No public exploit code has been identified at the time of analysis, and the vulnerability is not listed in CISA's Known Exploited Vulnerabilities catalog.

Denial of service in GitLab CE/EE versions 12.10 through 18.8.8, 18.9 through 18.9.4, and 18.10 through 18.10.2 allows unauthenticated remote attackers to crash GitLab services via malformed JSON payloads. Improper input validation (CWE-1284) enables resource exhaustion attacks without authentication. CVSS 7.5 (High) reflects network-accessible attack with low complexity requiring no user interaction. No public exploit identified at time of analysis. EPSS data unavailable; not listed in CISA KEV.

Authenticated users in GitLab EE versions 16.6-18.8.8, 18.9-18.9.4, and 18.10-18.10.2 can expose other users' email addresses through specific GraphQL queries due to improper authorization checks. An authenticated attacker can enumerate valid user accounts and retrieve their email addresses without additional privileges, violating confidentiality. No public exploit code or active exploitation has been confirmed; patches are available in GitLab 18.8.9, 18.9.5, and 18.10.3.

Denial of service in GitLab CE/EE versions 13.0 through 18.10.2 allows unauthenticated remote attackers to exhaust server resources via repeated GraphQL queries. Affects all installations from version 13.0 before patched releases 18.8.9, 18.9.5, and 18.10.3. Attackers can degrade or halt GitLab service availability without authentication, impacting development workflows and CI/CD pipelines. No public exploit identified at time of analysis.

Improper authorization in GitLab CE/EE Jira Connect integration allows authenticated users with minimal workspace permissions to steal installation credentials and impersonate the GitLab application. Affects versions 14.3 through 18.8.6, 18.9.0-18.9.2, and 18.10.0. Vendor-released patches available in versions 18.8.7, 18.9.3, and 18.10.1. High CVSS score (8.1) reflects significant confidentiality and integrity impact with low attack complexity. No public exploit identified at time of analysis, though detailed disclosure exists via HackerOne report.

GitLab CE/EE contains a denial of service vulnerability in webhook configuration processing that allows authenticated users to consume excessive server resources, affecting versions 16.10 through 18.10.0. An attacker with valid GitLab credentials can trigger this issue by submitting specially crafted webhook configuration inputs, resulting in application unavailability. A proof-of-concept exploit is publicly available via HackerOne, and patches are available for affected versions.

GitLab CE/EE contains a denial of service vulnerability in CI-related input handling that allows authenticated users to consume excessive server resources, potentially rendering the service unavailable. Versions 13.7 through 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 are affected across all GitLab installations. A publicly available proof-of-concept exists from HackerOne (report 3418149), though CISA has not flagged this for active exploitation in the wild, and the SSVC framework indicates no evidence of current weaponization despite automatable characteristics being unavailable.

An improper access control vulnerability in GitLab EE allows authenticated users with the Planner role to view sensitive security category metadata and attributes in group security configurations they should not have access to. Affected versions include GitLab 18.6 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1. While the CVSS score is moderate at 4.3 (low confidentiality impact), a publicly available proof-of-concept exists and the vulnerability represents a straightforward privilege escalation through role-based access control bypass.

GitLab EE contains an improper access control vulnerability that allows unauthenticated users to retrieve API tokens for self-hosted AI models without authentication. The vulnerability affects GitLab versions 18.5 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1, impacting any organization running these versions with AI model integrations. With a CVSS score of 6.8 and publicly available proof-of-concept code, this represents a significant credential exposure risk requiring immediate patching.

GitLab CE/EE versions 7.11 through 18.10 contain an authentication bypass vulnerability in the WebAuthn two-factor authentication implementation due to inconsistent input validation, allowing unauthenticated attackers to gain unauthorized access to user accounts. The vulnerability affects a wide version range spanning multiple releases (7.11 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1). A proof-of-concept exploit is publicly available, and while the CVSS score of 6.8 indicates moderate severity, the authentication bypass nature and active exploit availability represent a significant real-world threat to GitLab deployments.

GitLab CE/EE contains an improper access control vulnerability in cross-repository merge request operations that allows authenticated users to perform unauthorized actions on merge requests in projects they should not have access to. Affected versions span from 11.10 through 18.10.1, with patches available in 18.8.7, 18.9.3, and 18.10.1. A public proof-of-concept exploit exists (referenced via HackerOne report 3543886), though CISA has not listed this in the Known Exploited Vulnerabilities catalog, indicating limited active exploitation despite public availability of exploit code.

This vulnerability is a stored cross-site scripting (XSS) flaw in GitLab's Mermaid diagram rendering that allows authenticated users to inject arbitrary JavaScript code into other users' browsers through improperly sanitized entity-encoded content. The vulnerability affects GitLab CE/EE versions 17.7 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1, with a CVSS score of 5.4 (medium severity). A public proof-of-concept exploit is available on HackerOne, indicating active awareness in the security community.

Improper HTML sanitization in GitLab EE versions 15.4-18.10.1 allows authenticated users to add email addresses to arbitrary user accounts, potentially enabling account takeover or unauthorized access escalation. Public exploit code exists for this vulnerability, and no patch is currently available. Affected deployments should implement access controls to restrict user modification privileges until updates become available.

A Cross-Site Request Forgery (CSRF) vulnerability in GitLab Community Edition and Enterprise Edition allows unauthenticated attackers to execute arbitrary GraphQL mutations on behalf of authenticated users without their consent. All versions from 17.10 before 18.8.7, versions 18.9 before 18.9.3, and versions 18.10 before 18.10.1 are affected. A public proof-of-concept exploit is available via HackerOne report 3584382, significantly increasing the risk of active exploitation.

GitLab CE/EE contains a denial of service vulnerability in GraphQL request processing due to improper input validation (CWE-407). All versions from 18.5 through 18.8.6, 18.9 through 18.9.2, and 18.10 before 18.10.1 are affected. An unauthenticated attacker can remotely exploit this with low complexity to render GitLab instances unresponsive, and a public proof-of-concept exploit is available via HackerOne report 3597342.

GitLab EE versions 18.1 through 18.8.6, 18.9.0 through 18.9.2, and 18.10.0 suffer from improper caching of authorization decisions that allows authenticated users to gain unauthorized access to resources under certain conditions. The vulnerability requires user interaction and has relatively high attack complexity, but impacts confidentiality and integrity of accessed resources. No public evidence of active exploitation or proof-of-concept code is currently documented.

An authenticated user could view confidential issue titles in public GitLab projects that they shouldn't have access to due to a flaw in access controls. This affects GitLab CE/EE versions 8.14 through 18.9.1, impacting any organization using these versions. An attacker with a GitLab account could exploit this to read sensitive information hidden in issue titles, potentially exposing confidential project details.

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.1 versions up to 18.7.6 is affected by incorrect authorization (CVSS 4.3).

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 8.11 versions up to 18.7.6 contains a security vulnerability (CVSS 5.0).

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.6 versions up to 18.7.6 contains a security vulnerability (CVSS 4.3).

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 14.4 versions up to 18.7.6 is affected by missing authorization (CVSS 4.3).

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 1.0 versions up to 18.7.6 is affected by use of incorrectly-resolved name or reference (CVSS 4.1).

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 10.6 versions up to 18.7.6 is affected by cross-site scripting (xss) (CVSS 8.7).

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.9 versions up to 18.9.2 is affected by uncontrolled recursion (CVSS 7.5).

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.6 versions up to 18.7.6 contains a security vulnerability (CVSS 4.3).

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.11 versions up to 18.7.6 contains a security vulnerability (CVSS 7.5).

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 10.0 versions up to 18.7.6 is affected by allocation of resources without limits or throttling (CVSS 7.5).

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.11 versions up to 18.7.6 is affected by allocation of resources without limits or throttling (CVSS 6.5).

GitLab has remediated an issue in GitLab EE affecting all versions from 18.2 versions up to 18.7.6 is affected by missing authorization (CVSS 3.5).

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.5 versions up to 18.7.6 is affected by improper encoding or escaping of output (CVSS 2.2).

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 9.3 versions up to 18.7.6 is affected by allocation of resources without limits or throttling (CVSS 6.5).

Gitlab versions up to 18.7.5 is affected by allocation of resources without limits or throttling (CVSS 6.5).

Unauthorized modification of protected Conan packages in GitLab EE allows Developer-role users to bypass package protection controls under specific conditions. Affected versions include 17.11 through 18.7.4, 18.8.0 through 18.8.4, and 18.9.0 before 18.9.1. An attacker with Developer privileges could alter protected package contents despite insufficient permissions to do so.

Gitlab versions up to 18.9.0 is affected by allocation of resources without limits or throttling (CVSS 5.3).

Gitlab versions up to 18.7.5 is affected by allocation of resources without limits or throttling (CVSS 7.5).

Gitlab versions up to 18.7.5 is affected by inefficient regular expression complexity (redos) (CVSS 7.5).

GitLab CE/EE versions 16.2 through 18.9.0 are vulnerable to cross-site scripting (XSS) in the Mermaid sandbox UI, allowing unauthenticated attackers to inject arbitrary scripts under specific conditions. The vulnerability affects multiple release branches and currently has no available patch, requiring users to upgrade to patched versions 18.7.5, 18.8.5, or 18.9.1 and later. An attacker could exploit this to perform malicious actions in the context of other users' sessions, potentially compromising sensitive data or account security.

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.2 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that could have allowed an unauthenticated user to cause denial of service by sending specially crafted files to the container registry event endpoint under certain conditions. [CVSS 7.5 HIGH]

Gitlab versions up to 18.7.5 is affected by allocation of resources without limits or throttling (CVSS 6.5).

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.7 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that could have allowed an unauthorized user with Developer-role permissions to set pipeline variables for manually triggered jobs under certain conditions. [CVSS 4.3 MEDIUM]

Gitlab versions up to 18.6.6 is affected by allocation of resources without limits or throttling (CVSS 6.5).

Gitlab versions up to 18.7.4 is affected by allocation of resources without limits or throttling (CVSS 6.5).

Gitlab versions up to 18.6.6 is affected by allocation of resources without limits or throttling (CVSS 6.5).

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.6 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that could have allowed an authenticated user to inject malicious content into project labels titles. [CVSS 3.5 LOW]

GitLab CE/EE versions 18.8 before 18.8.4 allow authenticated developers to obscure file modifications from the web interface through specially crafted changes. This vulnerability enables users with developer privileges to conceal their code alterations from visibility and review, potentially bypassing transparency controls. Currently no patch is available, and the issue requires user interaction to exploit.

Gitlab versions up to 18.6.6 is affected by authorization bypass through user-controlled key (CVSS 4.3).

GitLab CE/EE versions 18.4 through 18.8 are vulnerable to unauthenticated denial of service attacks where an attacker can exhaust server resources by circumventing JSON validation limits. An unauthenticated remote attacker can trigger excessive memory or CPU consumption without authentication or user interaction, potentially rendering the service unavailable. Currently no patch is available for this vulnerability.

Authenticated users in GitLab CE/EE versions 13.9 through 18.8.3 can inject HTML into test case titles to add unauthorized email addresses to victim accounts. This stored XSS vulnerability requires user interaction and does not impact confidentiality of the attacker's own data. No patch is currently available for this high-severity issue affecting multiple recent GitLab versions.

Gitlab versions up to 18.6.6 is affected by allocation of resources without limits or throttling (CVSS 7.5).

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.2 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that could have allowed an unauthenticated user to steal tokens and access private repositories by abusing incomplete validation in the Web IDE. [CVSS 8.0 HIGH]

Gitlab versions up to 18.6.6 is affected by authorization bypass through user-controlled key (CVSS 3.5).

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.6 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that, under certain conditions could have allowed an authenticated user to perform unauthorized operations by submitting GraphQL mutations through the GLQL API endpoint. [CVSS 3.7 LOW]

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.1 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that, under certain conditions could have allowed an authenticated user to perform unauthorized actions on behalf of another user by injecting malicious content into vulnerability code flow. [CVSS 7.3 HIGH]

GitLab has remediated an issue in GitLab EE affecting all versions from 18.0 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that, under certain conditions could have allowed an authenticated user with certain permissions to make unauthorized requests to internal network services through the GitLab server. [CVSS 5.4 MEDIUM]

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.0 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that, under certain conditions, could have allowed an authenticated user to perform server-side request forgery against internal services by bypassing protections in the Git repository import functionality. [CVSS 4.3 MEDIUM]

GitLab AI Gateway's Duo Workflow Service has a CVSS 9.9 server-side template injection enabling code execution through the AI workflow system.

A vulnerability has been discovered in GitLab CE/EE affecting all versions starting with 16.8 before 18.5.0 that could have allowed unauthorized edits to merge request approval rules under certain conditions. [CVSS 3.1 LOW]

Gitlab versions up to 18.6.4 is affected by allocation of resources without limits or throttling (CVSS 5.3).

GitLab CE/EE versions 18.6 before 18.6.4, 18.7 before 18.7.2, and 18.8 before 18.8.2 are vulnerable to two-factor authentication bypass when an attacker has knowledge of a victim's credential ID and can forge device responses. This allows an unauthenticated attacker to circumvent 2FA protections and gain unauthorized access to accounts. No patch is currently available.

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.7 before 18.6.4, 18.7 before 18.7.2, and 18.8 before 18.8.2 that could have allowed an unauthenticated user to cause a denial of service condition by exploiting incorrect authorization validation in API endpoints. [CVSS 7.5 HIGH]

Gitlab versions up to 18.6.4 is affected by allocation of resources without limits or throttling (CVSS 7.5).

Gitlab versions up to 18.6.4 is affected by loop with unreachable exit condition (infinite loop) (CVSS 6.5).

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.10 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2 that could have allowed an authenticated user to execute stored cross-site scripting through improper input validation in the Kubernetes proxy functionality. [CVSS 7.7 HIGH]

Kiro IDE versions before 0.6.18 are vulnerable to command injection when processing maliciously named workspace folders in the GitLab Merge-Request helper, allowing local attackers with user interaction to execute arbitrary commands with high impact on confidentiality, integrity, and availability. The vulnerability requires local access and user interaction to open a crafted workspace, but no patch is currently available and exploitation requires minimal complexity. Users should restrict workspace access and avoid opening untrusted workspace folders until an update is released.

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.2.2 before 18.5.5, 18.6 before 18.6.3, and 18.7 before 18.7.1 that could have allowed an authenticated user to achieve stored cross-site scripting by exploiting GitLab Flavored Markdown. [CVSS 8.7 HIGH]

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 10.3 before 18.5.5, 18.6 before 18.6.3, and 18.7 before 18.7.1 that could have allowed a user to leak certain information by referencing specially crafted images that bypass asset proxy protection. [CVSS 3.5 LOW]

GitLab has remediated an issue in GitLab EE affecting all versions from 18.5 before 18.5.5, 18.6 before 18.6.3, and 18.7 before 18.7.1 that could have allowed an authenticated user to modify instance-wide AI feature provider settings by exploiting missing authorization checks in GraphQL mutations. [CVSS 6.5 MEDIUM]

GitLab has remediated an issue in GitLab EE affecting all versions from 18.4 before 18.5.5, 18.6 before 18.6.3, and 18.7 before 18.7.1 that could have allowed an authenticated user to access and utilize AI model settings from unauthorized namespaces by manipulating namespace identifiers in API requests. [CVSS 7.1 HIGH]

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.6 before 18.6.3, and 18.7 before 18.7.1 that could have allowed an unauthenticated user to execute arbitrary code in the context of an authenticated user's browser by convincing the legitimate user to visit a specially crafted webpage. [CVSS 8.0 HIGH]

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.4 before 18.5.5, 18.6 before 18.6.3, and 18.7 before 18.7.1 that could have allowed an authenticated user with specific permissions to remove all project runners from unrelated projects by manipulating GraphQL runner associations. [CVSS 5.4 MEDIUM]

Gitlab versions up to 18.5.5 is affected by allocation of resources without limits or throttling (CVSS 6.5).

Spinnaker is an open source, multi-cloud continuous delivery platform. Versions prior to 2025.1.6, 2025.2.3, and 2025.3.0 are vulnerable to server-side request forgery. [CVSS 7.9 HIGH]

HedgeDoc is an open source, real-time, collaborative, markdown notes application. Prior to 1.10.4, some of HedgeDoc's OAuth2 endpoints for social login providers such as Google, GitHub, GitLab, Facebook or Dropbox lack CSRF protection, since they don't send a state parameter and verify the response using this parameter. This vulnerability is fixed in 1.10.4.

A security vulnerability in GitLab CE/EE affecting all (CVSS 7.7). High severity vulnerability requiring prompt remediation.

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 8.3 before 18.4.5, 18.5 before 18.5.3, and 18.6 before 18.6.1 that could have allowed an authenticated user with specific. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

GitLab has remediated an issue in GitLab EE affecting all versions from 13.7 before 18.4.5, 18.5 before 18.5.3, and 18.6 before 18.6.1 that could have allowed an authenticated user to view. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.2 before 18.4.5, 18.5 before 18.5.3, and 18.6 before 18.6.1 that could have allowed an authenticated user with access to. Rated low severity (CVSS 2.0), this vulnerability is remotely exploitable. No vendor patch available.

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.3 before 18.4.5, 18.5 before 18.5.3, and 18.6 before 18.6.1 that under specific conditions could have allowed an. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.10 before 18.4.5, 18.5 before 18.5.3, and 18.6 before 18.6.1 that could have allowed an unauthenticated user to cause a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.7 to 18.2.8, 18.3 before 18.3.4, and 18.4 before 18.4.2 that could have allowed authenticated users without project. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.9 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2 that could have allowed an authenticated attacker to cause a. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.9 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2 that could have allowed an authenticated attacker to bypass. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. No vendor patch available.

An issue has been discovered in GitLab CE/EE affecting all versions from 17.6 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2, that, under specific conditions, could have allowed. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.