296,172
Total vulnerabilities in the database
An issue has been discovered in GitLab EE that allows for cross-site-scripting attack and content security policy bypass in a user's browser under specific conditions, affecting all versions from 16.6 before 17.9.7, 17.10 before 17.10.5, and 17.11 before 17.11.1.
| Software | From | Fixed in |
|---|---|---|
| gitlab / gitlab | 17.10.0 | 17.10.5 |
| gitlab / gitlab | 17.11.0 | 17.11.0.x |
| gitlab / gitlab | 16.6.0 | 17.9.7 |