Gitlab — веб-платформа для управления проектами и репозиториями программного кода, работа которой основана на популярной системе контроля версий Git.
Релизный цикл, информация об уязвимостях
График релизов
Количество 5 499
CVE-2026-0602
GitLab has remediated an issue in GitLab CE/EE affecting all versions ...
CVE-2026-0602
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.6 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user to disclose metadata from private issues, merge requests, epics, milestones, or commits due to improper filtering in the snippet rendering process under certain circumstances.
CVE-2025-14513
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.11 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an unauthenticated user to cause a denial of service condition due to improper input validation when processing specially crafted JSON payloads in the protected branches API.
CVE-2025-14513
GitLab has remediated an issue in GitLab CE/EE affecting all versions ...
CVE-2025-13929
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 10.0 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an unauthenticated user to cause a denial of service by issuing specially crafted requests to repository archive endpoints under certain conditions.
CVE-2025-13929
GitLab has remediated an issue in GitLab CE/EE affecting all versions ...
CVE-2025-13690
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.11 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user to cause a denial of service condition due to improper input validation on webhook custom header names under certain conditions.
CVE-2025-13690
GitLab has remediated an issue in GitLab CE/EE affecting all versions ...
CVE-2025-12704
GitLab has remediated an issue in GitLab EE affecting all versions from 18.2 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user to access Virtual Registry data in groups where they are not members due to improper authorization under certain conditions.
CVE-2025-12704
GitLab has remediated an issue in GitLab EE affecting all versions fro ...
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| CVE-2026-0602 GitLab has remediated an issue in GitLab CE/EE affecting all versions ... | CVSS3: 4.3 | 0% Низкий | 15 дней назад |
 | CVE-2026-0602 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.6 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user to disclose metadata from private issues, merge requests, epics, milestones, or commits due to improper filtering in the snippet rendering process under certain circumstances. | CVSS3: 4.3 | 0% Низкий | 15 дней назад |
| CVE-2025-14513 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.11 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an unauthenticated user to cause a denial of service condition due to improper input validation when processing specially crafted JSON payloads in the protected branches API. | CVSS3: 7.5 | 0% Низкий | 15 дней назад |
| CVE-2025-14513 GitLab has remediated an issue in GitLab CE/EE affecting all versions ... | CVSS3: 7.5 | 0% Низкий | 15 дней назад |
| CVE-2025-13929 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 10.0 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an unauthenticated user to cause a denial of service by issuing specially crafted requests to repository archive endpoints under certain conditions. | CVSS3: 7.5 | 0% Низкий | 15 дней назад |
| CVE-2025-13929 GitLab has remediated an issue in GitLab CE/EE affecting all versions ... | CVSS3: 7.5 | 0% Низкий | 15 дней назад |
| CVE-2025-13690 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.11 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user to cause a denial of service condition due to improper input validation on webhook custom header names under certain conditions. | CVSS3: 6.5 | 0% Низкий | 15 дней назад |
| CVE-2025-13690 GitLab has remediated an issue in GitLab CE/EE affecting all versions ... | CVSS3: 6.5 | 0% Низкий | 15 дней назад |
| CVE-2025-12704 GitLab has remediated an issue in GitLab EE affecting all versions from 18.2 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user to access Virtual Registry data in groups where they are not members due to improper authorization under certain conditions. | CVSS3: 3.5 | 0% Низкий | 15 дней назад |
| CVE-2025-12704 GitLab has remediated an issue in GitLab EE affecting all versions fro ... | CVSS3: 3.5 | 0% Низкий | 15 дней назад |
Уязвимостей на страницу