Gitlab — веб-платформа для управления проектами и репозиториями программного кода, работа которой основана на популярной системе контроля версий Git.
Релизный цикл, информация об уязвимостях
График релизов
Количество 5 336
GHSA-3735-4fjf-vq4q
A vulnerability has been discovered in GitLab CE/EE affecting all versions starting with 16.8 before 18.5.0 that could have allowed unauthorized edits to merge request approval rules under certain conditions.
CVE-2026-1751
A vulnerability has been discovered in GitLab CE/EE affecting all vers ...
CVE-2026-1751
A vulnerability has been discovered in GitLab CE/EE affecting all versions starting with 16.8 before 18.5.0 that could have allowed unauthorized edits to merge request approval rules under certain conditions.
CVE-2026-1751
A vulnerability has been discovered in GitLab CE/EE affecting all versions starting with 16.8 before 18.5.0 that could have allowed unauthorized edits to merge request approval rules under certain conditions.
GHSA-gr75-mcwq-hxv5
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.6 before 18.6.4, 18.7 before 18.7.2, and 18.8 before 18.8.2 that could have allowed an individual with existing knowledge of a victim's credential ID to bypass two-factor authentication by submitting forged device responses.
GHSA-4v3f-ffrw-xcx6
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.9 before 18.6.4, 18.7 before 18.7.2, and 18.8 before 18.8.2 that could have allowed an unauthenticated user to create a denial of service condition by sending crafted requests with malformed authentication data.
GHSA-3rr2-xxqc-95fc
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.3 before 18.6.4, 18.7 before 18.7.2, and 18.8 before 18.8.2 that could have allowed an unauthenticated user to create a denial of service condition by sending repeated malformed SSH authentication requests.
GHSA-rf7g-f56c-v6w4
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.7 before 18.6.4, 18.7 before 18.7.2, and 18.8 before 18.8.2 that could have allowed an unauthenticated user to cause a denial of service condition by exploiting incorrect authorization validation in API endpoints.
CVE-2026-1102
GitLab has remediated an issue in GitLab CE/EE affecting all versions ...
CVE-2026-1102
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.3 before 18.6.4, 18.7 before 18.7.2, and 18.8 before 18.8.2 that could have allowed an unauthenticated user to create a denial of service condition by sending repeated malformed SSH authentication requests.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| GHSA-3735-4fjf-vq4q A vulnerability has been discovered in GitLab CE/EE affecting all versions starting with 16.8 before 18.5.0 that could have allowed unauthorized edits to merge request approval rules under certain conditions. | CVSS3: 3.1 | 0% Низкий | 6 дней назад |
| CVE-2026-1751 A vulnerability has been discovered in GitLab CE/EE affecting all vers ... | CVSS3: 3.1 | 0% Низкий | 7 дней назад |
 | CVE-2026-1751 A vulnerability has been discovered in GitLab CE/EE affecting all versions starting with 16.8 before 18.5.0 that could have allowed unauthorized edits to merge request approval rules under certain conditions. | CVSS3: 3.1 | 0% Низкий | 7 дней назад |
 | CVE-2026-1751 A vulnerability has been discovered in GitLab CE/EE affecting all versions starting with 16.8 before 18.5.0 that could have allowed unauthorized edits to merge request approval rules under certain conditions. | CVSS3: 3.1 | 0% Низкий | 7 дней назад |
| GHSA-gr75-mcwq-hxv5 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.6 before 18.6.4, 18.7 before 18.7.2, and 18.8 before 18.8.2 that could have allowed an individual with existing knowledge of a victim's credential ID to bypass two-factor authentication by submitting forged device responses. | CVSS3: 7.4 | 0% Низкий | 17 дней назад |
| GHSA-4v3f-ffrw-xcx6 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.9 before 18.6.4, 18.7 before 18.7.2, and 18.8 before 18.8.2 that could have allowed an unauthenticated user to create a denial of service condition by sending crafted requests with malformed authentication data. | CVSS3: 7.5 | 0% Низкий | 17 дней назад |
| GHSA-3rr2-xxqc-95fc GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.3 before 18.6.4, 18.7 before 18.7.2, and 18.8 before 18.8.2 that could have allowed an unauthenticated user to create a denial of service condition by sending repeated malformed SSH authentication requests. | CVSS3: 5.3 | 0% Низкий | 17 дней назад |
| GHSA-rf7g-f56c-v6w4 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.7 before 18.6.4, 18.7 before 18.7.2, and 18.8 before 18.8.2 that could have allowed an unauthenticated user to cause a denial of service condition by exploiting incorrect authorization validation in API endpoints. | CVSS3: 7.5 | 0% Низкий | 17 дней назад |
| CVE-2026-1102 GitLab has remediated an issue in GitLab CE/EE affecting all versions ... | CVSS3: 5.3 | 0% Низкий | 17 дней назад |
| CVE-2026-1102 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.3 before 18.6.4, 18.7 before 18.7.2, and 18.8 before 18.8.2 that could have allowed an unauthenticated user to create a denial of service condition by sending repeated malformed SSH authentication requests. | CVSS3: 5.3 | 0% Низкий | 17 дней назад |
Уязвимостей на страницу