Gitlab — веб-платформа для управления проектами и репозиториями программного кода, работа которой основана на популярной системе контроля версий Git.

Релизный цикл, информация об уязвимостях

Продукт: Gitlab

Вендор: gitlab

График релизов

Недавние уязвимости Gitlab

Количество 5 336

CVE-2020-13274

больше 5 лет назад

A security issue allowed achieving Denial of Service attacks through memory exhaustion by uploading malicious artifacts in all previous GitLab versions through 13.0.1

CVSS3: 7.5

EPSS: Низкий

CVE-2020-13274

больше 5 лет назад

A security issue allowed achieving Denial of Service attacks through m ...

CVSS3: 7.5

EPSS: Низкий

CVE-2020-13273

больше 5 лет назад

A Denial of Service vulnerability allowed exhausting the system resources in GitLab CE/EE 12.0 and later through 13.0.1

CVSS3: 7.5

EPSS: Низкий

CVE-2020-13273

больше 5 лет назад

A Denial of Service vulnerability allowed exhausting the system resour ...

CVSS3: 7.5

EPSS: Низкий

CVE-2020-13272

больше 5 лет назад

OAuth flow missing verification checks CE/EE 12.3 and later through 13.0.1 allows unverified user to use OAuth authorization code flow

CVSS3: 7.5

EPSS: Низкий

CVE-2020-13272

больше 5 лет назад

OAuth flow missing verification checks CE/EE 12.3 and later through 13 ...

CVSS3: 7.5

EPSS: Низкий

CVE-2020-13265

больше 5 лет назад

User email verification bypass in GitLab CE/EE 12.5 and later through 13.0.1 allows user to bypass email verification

CVSS3: 4.3

EPSS: Низкий

CVE-2020-13265

больше 5 лет назад

User email verification bypass in GitLab CE/EE 12.5 and later through ...

CVSS3: 4.3

EPSS: Низкий

CVE-2020-13262

больше 5 лет назад

Client-Side code injection through Mermaid markup in GitLab CE/EE 12.9 and later through 13.0.1 allows a specially crafted Mermaid payload to PUT requests on behalf of other users via clicking on a link

CVSS3: 6.1

EPSS: Низкий

CVE-2020-13262

больше 5 лет назад

Client-Side code injection through Mermaid markup in GitLab CE/EE 12.9 ...

CVSS3: 6.1

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано 1
CVE-2020-13274 A security issue allowed achieving Denial of Service attacks through memory exhaustion by uploading malicious artifacts in all previous GitLab versions through 13.0.1	CVSS3: 7.5	0% Низкий	больше 5 лет назад
CVE-2020-13274 A security issue allowed achieving Denial of Service attacks through m ...	CVSS3: 7.5	0% Низкий	больше 5 лет назад
CVE-2020-13273 A Denial of Service vulnerability allowed exhausting the system resources in GitLab CE/EE 12.0 and later through 13.0.1	CVSS3: 7.5	0% Низкий	больше 5 лет назад
CVE-2020-13273 A Denial of Service vulnerability allowed exhausting the system resour ...	CVSS3: 7.5	0% Низкий	больше 5 лет назад
CVE-2020-13272 OAuth flow missing verification checks CE/EE 12.3 and later through 13.0.1 allows unverified user to use OAuth authorization code flow	CVSS3: 7.5	0% Низкий	больше 5 лет назад
CVE-2020-13272 OAuth flow missing verification checks CE/EE 12.3 and later through 13 ...	CVSS3: 7.5	0% Низкий	больше 5 лет назад
CVE-2020-13265 User email verification bypass in GitLab CE/EE 12.5 and later through 13.0.1 allows user to bypass email verification	CVSS3: 4.3	0% Низкий	больше 5 лет назад
CVE-2020-13265 User email verification bypass in GitLab CE/EE 12.5 and later through ...	CVSS3: 4.3	0% Низкий	больше 5 лет назад
CVE-2020-13262 Client-Side code injection through Mermaid markup in GitLab CE/EE 12.9 and later through 13.0.1 allows a specially crafted Mermaid payload to PUT requests on behalf of other users via clicking on a link	CVSS3: 6.1	0% Низкий	больше 5 лет назад
CVE-2020-13262 Client-Side code injection through Mermaid markup in GitLab CE/EE 12.9 ...	CVSS3: 6.1	0% Низкий	больше 5 лет назад

Уязвимостей на страницу