Gitlab — веб-платформа для управления проектами и репозиториями программного кода, работа которой основана на популярной системе контроля версий Git.
Релизный цикл, информация об уязвимостях
График релизов
Количество 5 336
GHSA-9c34-92qm-j7ff
An issue has been discovered in GitLab CE/EE affecting all versions from 8.13 before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. A lack of input validation in Board Names could be used to trigger a denial of service.
GHSA-r66m-9f9x-jv46
An issue has been discovered in GitLab CE/EE affecting all versions from 8.7 before 17.10.8, 17.11 before 17.11.4, and 18.0 before 18.0.2. Improper input validation in Tokens Names could be used to trigger a denial of service.
GHSA-27jm-6pj2-8w7g
An issue has been discovered in GitLab CE/EE affecting all versions from 17.9 before 17.10.8, 17.11 before 17.11.4, and 18.0 before 18.0.2. Improper output encoding in the snipper viewer functionality lead to Cross-Site scripting attacks.
CVE-2025-5195
An issue has been discovered in GitLab CE/EE affecting all versions fr ...
CVE-2025-5195
An issue has been discovered in GitLab CE/EE affecting all versions from 17.9 before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. It was possible for authenticated users to access arbitrary compliance frameworks, leading to unauthorized data disclosure.
CVE-2025-0673
An issue has been discovered in GitLab CE/EE affecting all versions from 17.7 before 17.10.8, 17.11 before 17.11.4, and 18.0 before 18.0.2, allow an attacker to trigger an infinite redirect loop, potentially leading to a denial of service condition.
CVE-2025-0673
An issue has been discovered in GitLab CE/EE affecting all versions fr ...
CVE-2025-5195
An issue has been discovered in GitLab CE/EE affecting all versions from 17.9 before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. It was possible for authenticated users to access arbitrary compliance frameworks, leading to unauthorized data disclosure.
CVE-2025-0673
An issue has been discovered in GitLab CE/EE affecting all versions from 17.7 before 17.10.8, 17.11 before 17.11.4, and 18.0 before 18.0.2, allow an attacker to trigger an infinite redirect loop, potentially leading to a denial of service condition.
CVE-2025-5996
An issue has been discovered in GitLab CE/EE affecting all versions fr ...
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| GHSA-9c34-92qm-j7ff An issue has been discovered in GitLab CE/EE affecting all versions from 8.13 before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. A lack of input validation in Board Names could be used to trigger a denial of service. | CVSS3: 6.5 | 0% Низкий | 8 месяцев назад |
| GHSA-r66m-9f9x-jv46 An issue has been discovered in GitLab CE/EE affecting all versions from 8.7 before 17.10.8, 17.11 before 17.11.4, and 18.0 before 18.0.2. Improper input validation in Tokens Names could be used to trigger a denial of service. | CVSS3: 6.5 | 0% Низкий | 8 месяцев назад |
| GHSA-27jm-6pj2-8w7g An issue has been discovered in GitLab CE/EE affecting all versions from 17.9 before 17.10.8, 17.11 before 17.11.4, and 18.0 before 18.0.2. Improper output encoding in the snipper viewer functionality lead to Cross-Site scripting attacks. | CVSS3: 8.7 | 0% Низкий | 8 месяцев назад |
| CVE-2025-5195 An issue has been discovered in GitLab CE/EE affecting all versions fr ... | CVSS3: 4.3 | 0% Низкий | 8 месяцев назад |
 | CVE-2025-5195 An issue has been discovered in GitLab CE/EE affecting all versions from 17.9 before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. It was possible for authenticated users to access arbitrary compliance frameworks, leading to unauthorized data disclosure. | CVSS3: 4.3 | 0% Низкий | 8 месяцев назад |
| CVE-2025-0673 An issue has been discovered in GitLab CE/EE affecting all versions from 17.7 before 17.10.8, 17.11 before 17.11.4, and 18.0 before 18.0.2, allow an attacker to trigger an infinite redirect loop, potentially leading to a denial of service condition. | CVSS3: 7.5 | 0% Низкий | 8 месяцев назад |
| CVE-2025-0673 An issue has been discovered in GitLab CE/EE affecting all versions fr ... | CVSS3: 7.5 | 0% Низкий | 8 месяцев назад |
 | CVE-2025-5195 An issue has been discovered in GitLab CE/EE affecting all versions from 17.9 before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. It was possible for authenticated users to access arbitrary compliance frameworks, leading to unauthorized data disclosure. | CVSS3: 4.3 | 0% Низкий | 8 месяцев назад |
| CVE-2025-0673 An issue has been discovered in GitLab CE/EE affecting all versions from 17.7 before 17.10.8, 17.11 before 17.11.4, and 18.0 before 18.0.2, allow an attacker to trigger an infinite redirect loop, potentially leading to a denial of service condition. | CVSS3: 7.5 | 0% Низкий | 8 месяцев назад |
| CVE-2025-5996 An issue has been discovered in GitLab CE/EE affecting all versions fr ... | CVSS3: 6.5 | 0% Низкий | 8 месяцев назад |
Уязвимостей на страницу