CNNVD-202601-3833 Information
CNNVD ID
CNNVD-202601-3833
Related CVE
- CNNVD Published: 2026-01-22
Description (Chinese)
GitLab是美国GitLab公司的一个端到端软件开发平台,具有内置的版本控制、问题跟踪、代码审查、CI/CD(持续集成和持续交付)等功能。 GitLab CE/EE 18.6.4之前版本、18.7.2之前版本和18.8.2之前版本存在安全漏洞,该漏洞源于发送包含畸形身份验证数据的特制请求,可能导致拒绝服务。
Description (English)
GitLab is an end-to-end software development platform for the United States company GitLab with built-in version control, problem tracking, code review, CI/CD (continuous integration and continuous delivery). There was a security loophole in Gitlab CE/EE 18.6.4, 18.7.2 and 18.8.2 which stemmed from the sending of customized requests containing abnormal identification data, which could lead to the denial of services.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
GitLab
Published
2026-01-22
Last Modified
2026-02-24
References
https://about.gitlab.com/releases/2026/01/21/patch-release-gitlab-18-8-2-released/ https://gitlab.com/gitlab-org/gitlab/-/issues/582737 https://hackerone.com/reports/3439683
Patch
https://about.gitlab.com/releases/2026/01/21/patch-release-gitlab-18-8-2-released/
Share on: