Gitlab — веб-платформа для управления проектами и репозиториями программного кода, работа которой основана на популярной системе контроля версий Git.
Релизный цикл, информация об уязвимостях
График релизов
Количество 5 336
CVE-2019-15592
GitLab 12.2.2 and below contains a security vulnerability that allows a guest user in a private project to see the merge request ID associated to an issue via the activity timeline.
CVE-2019-15592
GitLab 12.2.2 and below contains a security vulnerability that allows ...
CVE-2019-15594
GitLab 11.8 and later contains a security vulnerability that allows a user to obtain details of restricted pipelines via the merge request endpoint.
CVE-2019-15592
GitLab 12.2.2 and below contains a security vulnerability that allows a guest user in a private project to see the merge request ID associated to an issue via the activity timeline.
CVE-2020-6833
An issue was discovered in GitLab EE 11.3 and later. A GitLab Workhorse bypass could lead to package and file disclosure via request smuggling.
CVE-2020-6833
An issue was discovered in GitLab EE 11.3 and later. A GitLab Workhors ...
CVE-2020-6833
An issue was discovered in GitLab EE 11.3 and later. A GitLab Workhorse bypass could lead to package and file disclosure via request smuggling.
CVE-2020-7978
GitLab EE 12.6 and later through 12.7.2 allows Denial of Service.
CVE-2020-7978
GitLab EE 12.6 and later through 12.7.2 allows Denial of Service.
CVE-2020-7977
GitLab EE 8.8 and later through 12.7.2 has Insecure Permissions.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
 | CVE-2019-15592 GitLab 12.2.2 and below contains a security vulnerability that allows a guest user in a private project to see the merge request ID associated to an issue via the activity timeline. | CVSS3: 4.3 | 1% Низкий | почти 6 лет назад |
| CVE-2019-15592 GitLab 12.2.2 and below contains a security vulnerability that allows ... | CVSS3: 4.3 | 1% Низкий | почти 6 лет назад |
 | CVE-2019-15594 GitLab 11.8 and later contains a security vulnerability that allows a user to obtain details of restricted pipelines via the merge request endpoint. | CVSS3: 4.3 | 0% Низкий | почти 6 лет назад |
| CVE-2019-15592 GitLab 12.2.2 and below contains a security vulnerability that allows a guest user in a private project to see the merge request ID associated to an issue via the activity timeline. | CVSS3: 4.3 | 1% Низкий | почти 6 лет назад |
| CVE-2020-6833 An issue was discovered in GitLab EE 11.3 and later. A GitLab Workhorse bypass could lead to package and file disclosure via request smuggling. | CVSS3: 7.5 | 0% Низкий | около 6 лет назад |
| CVE-2020-6833 An issue was discovered in GitLab EE 11.3 and later. A GitLab Workhors ... | CVSS3: 7.5 | 0% Низкий | около 6 лет назад |
| CVE-2020-6833 An issue was discovered in GitLab EE 11.3 and later. A GitLab Workhorse bypass could lead to package and file disclosure via request smuggling. | CVSS3: 7.5 | 0% Низкий | около 6 лет назад |
| CVE-2020-7978 GitLab EE 12.6 and later through 12.7.2 allows Denial of Service. | CVSS3: 7.5 | 0% Низкий | около 6 лет назад |
| CVE-2020-7978 GitLab EE 12.6 and later through 12.7.2 allows Denial of Service. | CVSS3: 7.5 | 0% Низкий | около 6 лет назад |
| CVE-2020-7977 GitLab EE 8.8 and later through 12.7.2 has Insecure Permissions. | CVSS3: 5.3 | 0% Низкий | около 6 лет назад |
Уязвимостей на страницу