Gitlab — веб-платформа для управления проектами и репозиториями программного кода, работа которой основана на популярной системе контроля версий Git.
Релизный цикл, информация об уязвимостях
График релизов
Количество 5 336
CVE-2020-10076
GitLab 12.1 through 12.8.1 allows XSS. A stored cross-site scripting v ...
CVE-2020-10075
GitLab 12.5 through 12.8.1 allows HTML Injection. A particular error header was potentially susceptible to injection or potentially other vulnerabilities via unescaped input.
CVE-2020-10075
GitLab 12.5 through 12.8.1 allows HTML Injection. A particular error h ...
CVE-2020-10074
GitLab 10.1 through 12.8.1 has Incorrect Access Control. A scenario was discovered in which a GitLab account could be taken over through an expired link.
CVE-2020-10074
GitLab 10.1 through 12.8.1 has Incorrect Access Control. A scenario wa ...
CVE-2020-10073
GitLab EE 12.4.2 through 12.8.1 allows Denial of Service. It was internally discovered that a potential denial of service involving permissions checks could impact a project home page.
CVE-2020-10073
GitLab EE 12.4.2 through 12.8.1 allows Denial of Service. It was inter ...
CVE-2020-10075
GitLab 12.5 through 12.8.1 allows HTML Injection. A particular error header was potentially susceptible to injection or potentially other vulnerabilities via unescaped input.
CVE-2020-10074
GitLab 10.1 through 12.8.1 has Incorrect Access Control. A scenario was discovered in which a GitLab account could be taken over through an expired link.
CVE-2020-10076
GitLab 12.1 through 12.8.1 allows XSS. A stored cross-site scripting vulnerability was discovered when displaying merge requests.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| CVE-2020-10076 GitLab 12.1 through 12.8.1 allows XSS. A stored cross-site scripting v ... | CVSS3: 6.1 | 0% Низкий | почти 6 лет назад |
 | CVE-2020-10075 GitLab 12.5 through 12.8.1 allows HTML Injection. A particular error header was potentially susceptible to injection or potentially other vulnerabilities via unescaped input. | CVSS3: 6.1 | 0% Низкий | почти 6 лет назад |
| CVE-2020-10075 GitLab 12.5 through 12.8.1 allows HTML Injection. A particular error h ... | CVSS3: 6.1 | 0% Низкий | почти 6 лет назад |
| CVE-2020-10074 GitLab 10.1 through 12.8.1 has Incorrect Access Control. A scenario was discovered in which a GitLab account could be taken over through an expired link. | CVSS3: 9.8 | 0% Низкий | почти 6 лет назад |
| CVE-2020-10074 GitLab 10.1 through 12.8.1 has Incorrect Access Control. A scenario wa ... | CVSS3: 9.8 | 0% Низкий | почти 6 лет назад |
| CVE-2020-10073 GitLab EE 12.4.2 through 12.8.1 allows Denial of Service. It was internally discovered that a potential denial of service involving permissions checks could impact a project home page. | CVSS3: 7.5 | 0% Низкий | почти 6 лет назад |
| CVE-2020-10073 GitLab EE 12.4.2 through 12.8.1 allows Denial of Service. It was inter ... | CVSS3: 7.5 | 0% Низкий | почти 6 лет назад |
 | CVE-2020-10075 GitLab 12.5 through 12.8.1 allows HTML Injection. A particular error header was potentially susceptible to injection or potentially other vulnerabilities via unescaped input. | CVSS3: 6.1 | 0% Низкий | почти 6 лет назад |
| CVE-2020-10074 GitLab 10.1 through 12.8.1 has Incorrect Access Control. A scenario was discovered in which a GitLab account could be taken over through an expired link. | CVSS3: 9.8 | 0% Низкий | почти 6 лет назад |
| CVE-2020-10076 GitLab 12.1 through 12.8.1 allows XSS. A stored cross-site scripting vulnerability was discovered when displaying merge requests. | CVSS3: 6.1 | 0% Низкий | почти 6 лет назад |
Уязвимостей на страницу