Gitlab — веб-платформа для управления проектами и репозиториями программного кода, работа которой основана на популярной системе контроля версий Git.
Релизный цикл, информация об уязвимостях
График релизов
Количество 5 336
CVE-2019-13009
An issue was discovered in GitLab Community and Enterprise Edition 9.2 through 12.0.2. Uploaded files associated with unsaved personal snippets were accessible to unauthorized users due to improper permission settings. It has Incorrect Access Control.
CVE-2019-13010
An issue was discovered in GitLab Enterprise Edition 8.3 through 12.0.2. The color codes decoder was vulnerable to a resource depletion attack if specific formats were used. It allows Uncontrolled Resource Consumption.
CVE-2019-13006
An issue was discovered in GitLab Community and Enterprise Edition 9.0 and through 12.0.2. Users with access to issues, but not the repository were able to view the number of related merge requests on an issue. It has Incorrect Access Control.
CVE-2019-13006
An issue was discovered in GitLab Community and Enterprise Edition 9.0 ...
CVE-2019-13006
An issue was discovered in GitLab Community and Enterprise Edition 9.0 and through 12.0.2. Users with access to issues, but not the repository were able to view the number of related merge requests on an issue. It has Incorrect Access Control.
CVE-2019-13005
An issue was discovered in GitLab Enterprise Edition and Community Edition 1.10 through 12.0.2. The GitLab graphql service was vulnerable to multiple authorization issues that disclosed restricted user, group, and repository metadata to unauthorized users. It has Incorrect Access Control.
CVE-2019-13005
An issue was discovered in GitLab Enterprise Edition and Community Edi ...
CVE-2019-13004
An issue was discovered in GitLab Community and Enterprise Edition 11.10 through 12.0.2. When specific encoded characters were added to comments, the comments section would become inaccessible. It has Incorrect Access Control (issue 1 of 2).
CVE-2019-13004
An issue was discovered in GitLab Community and Enterprise Edition 11. ...
CVE-2019-13003
An issue was discovered in GitLab Community and Enterprise Edition before 12.0.3. One of the parsers used by Gilab CI was vulnerable to a resource exhaustion attack. It allows Uncontrolled Resource Consumption.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
 | CVE-2019-13009 An issue was discovered in GitLab Community and Enterprise Edition 9.2 through 12.0.2. Uploaded files associated with unsaved personal snippets were accessible to unauthorized users due to improper permission settings. It has Incorrect Access Control. | CVSS3: 6.5 | 0% Низкий | почти 6 лет назад |
| CVE-2019-13010 An issue was discovered in GitLab Enterprise Edition 8.3 through 12.0.2. The color codes decoder was vulnerable to a resource depletion attack if specific formats were used. It allows Uncontrolled Resource Consumption. | CVSS3: 5.9 | 0% Низкий | почти 6 лет назад |
 | CVE-2019-13006 An issue was discovered in GitLab Community and Enterprise Edition 9.0 and through 12.0.2. Users with access to issues, but not the repository were able to view the number of related merge requests on an issue. It has Incorrect Access Control. | CVSS3: 4.3 | 0% Низкий | почти 6 лет назад |
| CVE-2019-13006 An issue was discovered in GitLab Community and Enterprise Edition 9.0 ... | CVSS3: 4.3 | 0% Низкий | почти 6 лет назад |
| CVE-2019-13006 An issue was discovered in GitLab Community and Enterprise Edition 9.0 and through 12.0.2. Users with access to issues, but not the repository were able to view the number of related merge requests on an issue. It has Incorrect Access Control. | CVSS3: 4.3 | 0% Низкий | почти 6 лет назад |
| CVE-2019-13005 An issue was discovered in GitLab Enterprise Edition and Community Edition 1.10 through 12.0.2. The GitLab graphql service was vulnerable to multiple authorization issues that disclosed restricted user, group, and repository metadata to unauthorized users. It has Incorrect Access Control. | CVSS3: 4.3 | 0% Низкий | почти 6 лет назад |
| CVE-2019-13005 An issue was discovered in GitLab Enterprise Edition and Community Edi ... | CVSS3: 4.3 | 0% Низкий | почти 6 лет назад |
| CVE-2019-13004 An issue was discovered in GitLab Community and Enterprise Edition 11.10 through 12.0.2. When specific encoded characters were added to comments, the comments section would become inaccessible. It has Incorrect Access Control (issue 1 of 2). | CVSS3: 5.3 | 0% Низкий | почти 6 лет назад |
| CVE-2019-13004 An issue was discovered in GitLab Community and Enterprise Edition 11. ... | CVSS3: 5.3 | 0% Низкий | почти 6 лет назад |
| CVE-2019-13003 An issue was discovered in GitLab Community and Enterprise Edition before 12.0.3. One of the parsers used by Gilab CI was vulnerable to a resource exhaustion attack. It allows Uncontrolled Resource Consumption. | CVSS3: 7.5 | 0% Низкий | почти 6 лет назад |
Уязвимостей на страницу