2024

2023

2022

2021

2020

2019

CVE-2019-11546 (v3: 5.3) 9 Sep 2019
An issue was discovered in GitLab Community and Enterprise Edition before 11.8.9, 11.9.x before 11.9.10, and 11.10.x before 11.10.2. It has a Race Condition which could allow users to approve a merge request multiple times and potentially reach the approval count required to merge.

2018

CVE-2018-19572 (v3: 5.9) 10 Jul 2019
GitLab CE 8.17 and later and EE 8.3 and later have a symlink time-of-check-to-time-of-use race condition that would allow unauthorized access to files in the GitLab Pages chroot environment. This is fixed in versions 11.5.1, 11.4.8, and 11.3.11.

2017

2016

2015