GitLab is a web platform for managing projects and source code repositories, built on the popular Git version control system.
Release cycle, vulnerability information
Release schedule
Count: 4 670
GHSA-83vq-89q3-896f
An issue has been discovered in GitLab EE affecting all versions from 18.0 before 18.0.4 and 18.1 before 18.1.2 that could have allowed authenticated users with invitation privileges to bypass group-level user invitation restrictions by manipulating group invitation functionality.
GHSA-3qvq-h337-wprv
An issue has been discovered in GitLab EE affecting all versions from 13.3 before 17.11.6, 18.0 before 18.0.4, and 18.1 before 18.1.2 that could have allowed authenticated project owners to bypass group-level forking restrictions by manipulating API requests.

CVE-2025-6948
An issue has been discovered in GitLab CE/EE affecting all versions from 17.11 before 17.11.6, 18.0 before 18.0.4, and 18.1 before 18.1.2 that, under certain conditions, could have allowed a successful attacker to execute actions on behalf of users by injecting malicious content.

CVE-2025-6168
An issue has been discovered in GitLab EE affecting all versions from 18.0 before 18.0.4 and 18.1 before 18.1.2 that could have allowed authenticated maintainers to bypass group-level user invitation restrictions by sending crafted API requests.

CVE-2025-4972
An issue has been discovered in GitLab EE affecting all versions from 18.0 before 18.0.4 and 18.1 before 18.1.2 that could have allowed authenticated users with invitation privileges to bypass group-level user invitation restrictions by manipulating group invitation functionality.

CVE-2025-3396
An issue has been discovered in GitLab EE affecting all versions from 13.3 before 17.11.6, 18.0 before 18.0.4, and 18.1 before 18.1.2 that could have allowed authenticated project owners to bypass group-level forking restrictions by manipulating API requests.

Vulnerability | CVSS | EPSS | Published
---|---|---|---
GHSA-83vq-89q3-896f An issue has been discovered in GitLab EE affecting all versions from 18.0 before 18.0.4 and 18.1 before 18.1.2 that could have allowed authenticated users with invitation privileges to bypass group-level user invitation restrictions by manipulating group invitation functionality. | CVSS3: 2.7 | 0% Low | 24 days ago
GHSA-3qvq-h337-wprv An issue has been discovered in GitLab EE affecting all versions from 13.3 before 17.11.6, 18.0 before 18.0.4, and 18.1 before 18.1.2 that could have allowed authenticated project owners to bypass group-level forking restrictions by manipulating API requests. | CVSS3: 4.3 | 0% Low | 24 days ago
CVE-2025-6948 An issue has been discovered in GitLab CE/EE affecting all versions from 17.11 before 17.11.6, 18.0 before 18.0.4, and 18.1 before 18.1.2 that, under certain conditions, could have allowed a successful attacker to execute actions on behalf of users by injecting malicious content. | CVSS3: 8.7 | 0% Low | 24 days ago
CVE-2025-6168 An issue has been discovered in GitLab EE affecting all versions from 18.0 before 18.0.4 and 18.1 before 18.1.2 that could have allowed authenticated maintainers to bypass group-level user invitation restrictions by sending crafted API requests. | CVSS3: 2.7 | 0% Low | 24 days ago
CVE-2025-4972 An issue has been discovered in GitLab EE affecting all versions from 18.0 before 18.0.4 and 18.1 before 18.1.2 that could have allowed authenticated users with invitation privileges to bypass group-level user invitation restrictions by manipulating group invitation functionality. | CVSS3: 2.7 | 0% Low | 24 days ago
CVE-2025-3396 An issue has been discovered in GitLab EE affecting all versions from 13.3 before 17.11.6, 18.0 before 18.0.4, and 18.1 before 18.1.2 that could have allowed authenticated project owners to bypass group-level forking restrictions by manipulating API requests. | CVSS3: 4.3 | 0% Low | 24 days ago