Логотип exploitDog
product: "gitlab"
Консоль
Логотип exploitDog

exploitDog

product: "gitlab"
Gitlab

Gitlabвеб-платформа для управления проектами и репозиториями программного кода, работа которой основана на популярной системе контроля версий Git.

Релизный цикл, информация об уязвимостях

Продукт: Gitlab
Вендор: gitlab

График релизов

18.818.918.1020262027

Недавние уязвимости Gitlab

Количество 5 499

github логотип

GHSA-p3cx-frrm-35m8

14 дней назад

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 8.14 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user to gain unauthorized access to confidential issue title created in public projects under certain circumstances.

CVSS3: 4.3
EPSS: Низкий
debian логотип

CVE-2026-1182

14 дней назад

GitLab has remediated an issue in GitLab CE/EE affecting all versions ...

CVSS3: 4.3
EPSS: Низкий
nvd логотип

CVE-2026-1182

14 дней назад

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 8.14 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user to gain unauthorized access to confidential issue title created in public projects under certain circumstances.

CVSS3: 4.3
EPSS: Низкий
ubuntu логотип

CVE-2026-1182

14 дней назад

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 8.14 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user to gain unauthorized access to confidential issue title created in public projects under certain circumstances.

CVSS3: 4.3
EPSS: Низкий
github логотип

GHSA-gcgf-w628-jq5c

14 дней назад

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.6 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user to disclose confidential issue titles due to improper filtering under certain circumstances.

CVSS3: 4.3
EPSS: Низкий
github логотип

GHSA-j3mj-q4f3-88pf

14 дней назад

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.9 before 18.9.2 that could have allowed an unauthenticated user to cause a denial of service by sending specially crafted GraphQL requests due to uncontrolled recursion under certain circumstances.

CVSS3: 7.5
EPSS: Низкий
github логотип

GHSA-wj4p-jhrc-wr8q

14 дней назад

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.11 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an unauthenticated user to cause a denial of service condition due to improper input validation when processing specially crafted JSON payloads in the protected branches API.

CVSS3: 7.5
EPSS: Низкий
github логотип

GHSA-w927-ccxx-qvrj

14 дней назад

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.1 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that, under certain conditions, could have allowed an authenticated user to access previous pipeline job information on projects with repository and CI/CD disabled due to improper authorization checks.

CVSS3: 4.3
EPSS: Низкий
github логотип

GHSA-qv6p-pfj5-mhj9

14 дней назад

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 10.6 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user, when the `markdown_placeholders` feature flag was enabled, to inject JavaScript in a browser due to improper sanitization of placeholder content in markdown processing.

CVSS3: 8.7
EPSS: Низкий
github логотип

GHSA-6mr8-cjxv-868w

14 дней назад

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 10.0 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an unauthenticated user to cause a denial of service by issuing specially crafted requests to repository archive endpoints under certain conditions.

CVSS3: 7.5
EPSS: Низкий

Уязвимостей на страницу

Уязвимость
CVSS
EPSS
Опубликовано
1
github логотип
GHSA-p3cx-frrm-35m8

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 8.14 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user to gain unauthorized access to confidential issue title created in public projects under certain circumstances.

CVSS3: 4.3
0%
Низкий
14 дней назад
debian логотип
CVE-2026-1182

GitLab has remediated an issue in GitLab CE/EE affecting all versions ...

CVSS3: 4.3
0%
Низкий
14 дней назад
nvd логотип
CVE-2026-1182

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 8.14 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user to gain unauthorized access to confidential issue title created in public projects under certain circumstances.

CVSS3: 4.3
0%
Низкий
14 дней назад
ubuntu логотип
CVE-2026-1182

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 8.14 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user to gain unauthorized access to confidential issue title created in public projects under certain circumstances.

CVSS3: 4.3
0%
Низкий
14 дней назад
github логотип
GHSA-gcgf-w628-jq5c

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.6 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user to disclose confidential issue titles due to improper filtering under certain circumstances.

CVSS3: 4.3
0%
Низкий
14 дней назад
github логотип
GHSA-j3mj-q4f3-88pf

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.9 before 18.9.2 that could have allowed an unauthenticated user to cause a denial of service by sending specially crafted GraphQL requests due to uncontrolled recursion under certain circumstances.

CVSS3: 7.5
0%
Низкий
14 дней назад
github логотип
GHSA-wj4p-jhrc-wr8q

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.11 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an unauthenticated user to cause a denial of service condition due to improper input validation when processing specially crafted JSON payloads in the protected branches API.

CVSS3: 7.5
0%
Низкий
14 дней назад
github логотип
GHSA-w927-ccxx-qvrj

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.1 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that, under certain conditions, could have allowed an authenticated user to access previous pipeline job information on projects with repository and CI/CD disabled due to improper authorization checks.

CVSS3: 4.3
0%
Низкий
14 дней назад
github логотип
GHSA-qv6p-pfj5-mhj9

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 10.6 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user, when the `markdown_placeholders` feature flag was enabled, to inject JavaScript in a browser due to improper sanitization of placeholder content in markdown processing.

CVSS3: 8.7
0%
Низкий
14 дней назад
github логотип
GHSA-6mr8-cjxv-868w

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 10.0 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an unauthenticated user to cause a denial of service by issuing specially crafted requests to repository archive endpoints under certain conditions.

CVSS3: 7.5
0%
Низкий
14 дней назад

Уязвимостей на страницу


Поделиться