Gitlab — веб-платформа для управления проектами и репозиториями программного кода, работа которой основана на популярной системе контроля версий Git.
Релизный цикл, информация об уязвимостях
График релизов
Количество 5 268
CVE-2025-6769
An issue has been discovered in GitLab CE/EE affecting all versions fr ...
CVE-2025-6454
An issue has been discovered in GitLab CE/EE affecting all versions from 16.11 before 18.1.6, 18.2 before 18.2.6, and 18.3 before 18.3.2 that could have allowed authenticated users to make unintended internal requests through proxy environments by injecting crafted sequences.
CVE-2025-6454
An issue has been discovered in GitLab CE/EE affecting all versions fr ...
CVE-2025-2256
An issue has been discovered in GitLab CE/EE affecting all versions from 7.12 before 18.1.6, 18.2 before 18.2.6, and 18.3 before 18.3.2 that could have allowed unauthorized users to render the GitLab instance unresponsive to legitimate users by sending multiple concurrent large SAML responses.
CVE-2025-2256
An issue has been discovered in GitLab CE/EE affecting all versions fr ...
CVE-2025-1250
An issue has been discovered in GitLab CE/EE affecting all versions from 15.0 before 18.1.6, 18.2 before 18.2.6, and 18.3 before 18.3.2 that could have allowed an authenticated user to stall background job processing by sending specially crafted commit messages, merge request descriptions, or notes.
CVE-2025-1250
An issue has been discovered in GitLab CE/EE affecting all versions fr ...
CVE-2025-2256
An issue has been discovered in GitLab CE/EE affecting all versions from 7.12 before 18.1.6, 18.2 before 18.2.6, and 18.3 before 18.3.2 that could have allowed unauthorized users to render the GitLab instance unresponsive to legitimate users by sending multiple concurrent large SAML responses.
CVE-2025-6769
An issue has been discovered in GitLab CE/EE affecting all versions from 15.1 before 18.1.6, 18.2 before 18.2.6, and 18.3 before 18.3.2 that could have allowed authenticated users to view administrator-only maintenance notes by accessing runner details through specific interfaces.
CVE-2025-10094
An issue has been discovered in GitLab CE/EE affecting all versions from 10.7 before 18.1.6, 18.2 before 18.2.6, and 18.3 before 18.3.2 that could have allowed authenticated users to disrupt access to token listings and related administrative operations by creating tokens with excessively large names.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| CVE-2025-6769 An issue has been discovered in GitLab CE/EE affecting all versions fr ... | CVSS3: 4.3 | 0% Низкий | 5 месяцев назад |
 | CVE-2025-6454 An issue has been discovered in GitLab CE/EE affecting all versions from 16.11 before 18.1.6, 18.2 before 18.2.6, and 18.3 before 18.3.2 that could have allowed authenticated users to make unintended internal requests through proxy environments by injecting crafted sequences. | CVSS3: 8.5 | 0% Низкий | 5 месяцев назад |
| CVE-2025-6454 An issue has been discovered in GitLab CE/EE affecting all versions fr ... | CVSS3: 8.5 | 0% Низкий | 5 месяцев назад |
| CVE-2025-2256 An issue has been discovered in GitLab CE/EE affecting all versions from 7.12 before 18.1.6, 18.2 before 18.2.6, and 18.3 before 18.3.2 that could have allowed unauthorized users to render the GitLab instance unresponsive to legitimate users by sending multiple concurrent large SAML responses. | CVSS3: 7.5 | 0% Низкий | 5 месяцев назад |
| CVE-2025-2256 An issue has been discovered in GitLab CE/EE affecting all versions fr ... | CVSS3: 7.5 | 0% Низкий | 5 месяцев назад |
| CVE-2025-1250 An issue has been discovered in GitLab CE/EE affecting all versions from 15.0 before 18.1.6, 18.2 before 18.2.6, and 18.3 before 18.3.2 that could have allowed an authenticated user to stall background job processing by sending specially crafted commit messages, merge request descriptions, or notes. | CVSS3: 6.5 | 0% Низкий | 5 месяцев назад |
| CVE-2025-1250 An issue has been discovered in GitLab CE/EE affecting all versions fr ... | CVSS3: 6.5 | 0% Низкий | 5 месяцев назад |
 | CVE-2025-2256 An issue has been discovered in GitLab CE/EE affecting all versions from 7.12 before 18.1.6, 18.2 before 18.2.6, and 18.3 before 18.3.2 that could have allowed unauthorized users to render the GitLab instance unresponsive to legitimate users by sending multiple concurrent large SAML responses. | 0% Низкий | 5 месяцев назад | |
| CVE-2025-6769 An issue has been discovered in GitLab CE/EE affecting all versions from 15.1 before 18.1.6, 18.2 before 18.2.6, and 18.3 before 18.3.2 that could have allowed authenticated users to view administrator-only maintenance notes by accessing runner details through specific interfaces. | 0% Низкий | 5 месяцев назад | |
| CVE-2025-10094 An issue has been discovered in GitLab CE/EE affecting all versions from 10.7 before 18.1.6, 18.2 before 18.2.6, and 18.3 before 18.3.2 that could have allowed authenticated users to disrupt access to token listings and related administrative operations by creating tokens with excessively large names. | CVSS3: 6.5 | 0% Низкий | 5 месяцев назад |
Уязвимостей на страницу