Gitlab — веб-платформа для управления проектами и репозиториями программного кода, работа которой основана на популярной системе контроля версий Git.
Релизный цикл, информация об уязвимостях
График релизов
Количество 5 268
CVE-2019-20145
An issue was discovered in GitLab Community Edition (CE) and Enterpris ...
CVE-2019-20147
An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 9.1 through 12.6.1. It has Incorrect Access Control.
CVE-2020-6832
An issue was discovered in GitLab Enterprise Edition (EE) 8.9.0 through 12.6.1. Using the project import feature, it was possible for someone to obtain issues from private projects.
CVE-2020-5197
An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 5.1 through 12.6.1. It has Incorrect Access Control.
CVE-2019-20145
An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 11.4 through 12.6.1. It has Incorrect Access Control.
CVE-2019-20146
An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 11.0 through 12.6. It allows Uncontrolled Resource Consumption.
CVE-2019-20148
An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 8.13 through 12.6.1. It has Incorrect Access Control.
CVE-2019-19629
In GitLab EE 10.5 through 12.5.3, 12.4.5, and 12.3.8, when transferring a public project to a private group, private code would be disclosed via the Group Search API provided by the Elasticsearch integration.
CVE-2019-19629
In GitLab EE 10.5 through 12.5.3, 12.4.5, and 12.3.8, when transferrin ...
CVE-2019-19628
In GitLab EE 11.3 through 12.5.3, 12.4.5, and 12.3.8, insufficient parameter sanitization for the Maven package registry could lead to privilege escalation and remote code execution vulnerabilities under certain conditions.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| CVE-2019-20145 An issue was discovered in GitLab Community Edition (CE) and Enterpris ... | CVSS3: 4.3 | 0% Низкий | около 6 лет назад |
 | CVE-2019-20147 An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 9.1 through 12.6.1. It has Incorrect Access Control. | CVSS3: 5.3 | 0% Низкий | около 6 лет назад |
| CVE-2020-6832 An issue was discovered in GitLab Enterprise Edition (EE) 8.9.0 through 12.6.1. Using the project import feature, it was possible for someone to obtain issues from private projects. | CVSS3: 5.3 | 0% Низкий | около 6 лет назад |
| CVE-2020-5197 An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 5.1 through 12.6.1. It has Incorrect Access Control. | CVSS3: 4.3 | 0% Низкий | около 6 лет назад |
| CVE-2019-20145 An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 11.4 through 12.6.1. It has Incorrect Access Control. | CVSS3: 4.3 | 0% Низкий | около 6 лет назад |
| CVE-2019-20146 An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 11.0 through 12.6. It allows Uncontrolled Resource Consumption. | CVSS3: 5.3 | 0% Низкий | около 6 лет назад |
| CVE-2019-20148 An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 8.13 through 12.6.1. It has Incorrect Access Control. | CVSS3: 5.3 | 0% Низкий | около 6 лет назад |
 | CVE-2019-19629 In GitLab EE 10.5 through 12.5.3, 12.4.5, and 12.3.8, when transferring a public project to a private group, private code would be disclosed via the Group Search API provided by the Elasticsearch integration. | CVSS3: 7.5 | 0% Низкий | около 6 лет назад |
| CVE-2019-19629 In GitLab EE 10.5 through 12.5.3, 12.4.5, and 12.3.8, when transferrin ... | CVSS3: 7.5 | 0% Низкий | около 6 лет назад |
| CVE-2019-19628 In GitLab EE 11.3 through 12.5.3, 12.4.5, and 12.3.8, insufficient parameter sanitization for the Maven package registry could lead to privilege escalation and remote code execution vulnerabilities under certain conditions. | CVSS3: 9.8 | 2% Низкий | около 6 лет назад |
Уязвимостей на страницу