GitLab is a web platform for managing projects and source code repositories, built on the popular Git version control system.
Release cycle, vulnerability information
Release schedule
Count: 5 332
| Vulnerability | CVSS | EPSS | Published |
|---|---|---|---|
| GHSA-6cfx-8gfv-h75g An issue has been discovered in GitLab CE/EE affecting all versions from 10.7 before 18.1.6, 18.2 before 18.2.6, and 18.3 before 18.3.2 that could have allowed authenticated users to disrupt access to token listings and related administrative operations by creating tokens with excessively large names. | CVSS3: 6.5 | 0% Low | 5 months ago |
| CVE-2025-7337 An issue has been discovered in GitLab CE/EE affecting all versions fr ... | CVSS3: 6.5 | 0% Low | 5 months ago |
| CVE-2025-7337 An issue has been discovered in GitLab CE/EE affecting all versions from 7.8 before 18.1.6, 18.2 before 18.2.6, and 18.3 before 18.3.2 that could have allowed an authenticated user with Developer-level access to cause a persistent denial of service affecting all users on a GitLab instance by uploading large files. | CVSS3: 6.5 | 0% Low | 5 months ago |
| CVE-2025-6769 An issue has been discovered in GitLab CE/EE affecting all versions fr ... | CVSS3: 4.3 | 0% Low | 5 months ago |
| CVE-2025-6769 An issue has been discovered in GitLab CE/EE affecting all versions from 15.1 before 18.1.6, 18.2 before 18.2.6, and 18.3 before 18.3.2 that could have allowed authenticated users to view administrator-only maintenance notes by accessing runner details through specific interfaces. | CVSS3: 4.3 | 0% Low | 5 months ago |
| CVE-2025-6454 An issue has been discovered in GitLab CE/EE affecting all versions fr ... | CVSS3: 8.5 | 0% Low | 5 months ago |
| CVE-2025-6454 An issue has been discovered in GitLab CE/EE affecting all versions from 16.11 before 18.1.6, 18.2 before 18.2.6, and 18.3 before 18.3.2 that could have allowed authenticated users to make unintended internal requests through proxy environments by injecting crafted sequences. | CVSS3: 8.5 | 0% Low | 5 months ago |
| CVE-2025-2256 An issue has been discovered in GitLab CE/EE affecting all versions from 7.12 before 18.1.6, 18.2 before 18.2.6, and 18.3 before 18.3.2 that could have allowed unauthorized users to render the GitLab instance unresponsive to legitimate users by sending multiple concurrent large SAML responses. | CVSS3: 7.5 | 0% Low | 5 months ago |
| CVE-2025-2256 An issue has been discovered in GitLab CE/EE affecting all versions fr ... | CVSS3: 7.5 | 0% Low | 5 months ago |
| CVE-2025-1250 An issue has been discovered in GitLab CE/EE affecting all versions from 15.0 before 18.1.6, 18.2 before 18.2.6, and 18.3 before 18.3.2 that could have allowed an authenticated user to stall background job processing by sending specially crafted commit messages, merge request descriptions, or notes. | CVSS3: 6.5 | 0% Low | 5 months ago |