CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 1CVE-2024-12244 – Missing Authorization in GitLab
https://notcve.org/view.php?id=CVE-2024-12244
24 Apr 2025 — An issue has been discovered in access controls could allow users to view certain restricted project information even when related features are disabled in GitLab EE, affecting all versions from 17.7 prior to 17.9.7, 17.10 prior to 17.10.5, and 17.11 prior to 17.11.1. • https://gitlab.com/gitlab-org/gitlab/-/issues/508046 • CWE-862: Missing Authorization •
CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 1CVE-2025-0639 – Allocation of Resources Without Limits or Throttling in GitLab
https://notcve.org/view.php?id=CVE-2025-0639
24 Apr 2025 — An issue has been discovered affecting service availability via issue preview in GitLab CE/EE affecting all versions from 16.7 before 17.9.7, 17.10 before 17.10.5, and 17.11 before 17.11.1. • https://gitlab.com/gitlab-org/gitlab/-/issues/514507 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.7EPSS: 0%CPEs: 3EXPL: 1CVE-2025-1908 – Business Logic Errors in GitLab
https://notcve.org/view.php?id=CVE-2025-1908
24 Apr 2025 — An issue has been discovered in GitLab EE/CE that could allow an attacker to track users' browsing activities, potentially leading to full account take-over, affecting all versions from 16.6 before 17.9.7, 17.10 before 17.10.5, and 17.11 before 17.11.1. • https://gitlab.com/gitlab-org/gitlab/-/issues/523065 • CWE-840: Business Logic Errors •