GitLab is a web platform for managing projects and source code repositories, built on the popular Git version control system.
Release cycle, vulnerability information
Release schedule
Count: 5,336
Vulnerability | CVSS | EPSS | Published | |
|---|---|---|---|---|
GHSA-4m4w-7ph3-mcfg An issue has been discovered in GitLab EE affecting all versions from 12.0 before 17.10.8, 17.11 before 17.11.4, and 18.0 before 18.0.2. Under certain conditions users could bypass IP access restrictions and view sensitive information. | CVSS3: 3.7 | 0% Low | 8 months ago | |
CVE-2025-5982 An issue has been discovered in GitLab EE affecting all versions from ... | CVSS3: 3.7 | 0% Low | 8 months ago | |
CVE-2025-5982 An issue has been discovered in GitLab EE affecting all versions from 12.0 before 17.10.8, 17.11 before 17.11.4, and 18.0 before 18.0.2. Under certain conditions users could bypass IP access restrictions and view sensitive information. | CVSS3: 3.7 | 0% Low | 8 months ago | |
GHSA-g6rr-7jqw-c6hc An issue has been discovered in GitLab EE affecting all versions prior to 17.10.8, 17.11 prior to 17.11.4, and 18.0 prior to 18.0.2. It may have been possible for private repository to be cloned in case of race condition when a secondary node is out of sync. | CVSS3: 5.3 | 0% Low | 8 months ago | |
CVE-2024-9512 An issue has been discovered in GitLab EE affecting all versions prior to 17.10.8, 17.11 prior to 17.11.4, and 18.0 prior to 18.0.2. It may have been possible for private repository to be cloned in case of race condition when a secondary node is out of sync. | CVSS3: 5.3 | 0% Low | 8 months ago | |
CVE-2024-9512 An issue has been discovered in GitLab EE affecting all versions prior ... | CVSS3: 5.3 | 0% Low | 8 months ago | |
GHSA-rp5v-chq5-pw9q An issue has been discovered in GitLab CE/EE affecting all versions from 17.7 before 17.10.8, 17.11 before 17.11.4, and 18.0 before 18.0.2, allow an attacker to trigger an infinite redirect loop, potentially leading to a denial of service condition. | CVSS3: 7.5 | 0% Low | 8 months ago | |
GHSA-wjh7-hp74-8r7h An issue has been discovered in GitLab CE/EE affecting all versions from 2.1.0 before 17.10.8, 17.11 before 17.11.4, and 18.0 before 18.0.2. A lack of input validation in HTTP responses could allow an authenticated user to cause denial of service. | CVSS3: 6.5 | 0% Low | 8 months ago | |
GHSA-wjcq-cqhf-f7rm An issue has been discovered in GitLab CE/EE affecting all versions starting with 18.0 before 18.0.2. Under certain conditions html injection in new search page could lead to account takeover. | CVSS3: 8.7 | 0% Low | 8 months ago | |
GHSA-fccc-r92h-5q24 An issue has been discovered in GitLab CE/EE affecting all versions from 17.9 before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. It was possible for authenticated users to access arbitrary compliance frameworks, leading to unauthorized data disclosure. | CVSS3: 4.3 | 0% Low | 8 months ago | |