GitLab is a web platform for managing projects and source code repositories, built on the popular Git version control system.
Release cycle, vulnerability information
Release schedule
Count: 5 336
| Vulnerability | Description | CVSS | EPSS | Published |
|---|---|---|---|---|
| CVE-2019-20148 | An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 8.13 through 12.6.1. It has Incorrect Access Control. | CVSS3: 5.3 | 0% Low | about 6 years ago |
| CVE-2019-20147 | An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 9.1 through 12.6.1. It has Incorrect Access Control. | CVSS3: 5.3 | 0% Low | about 6 years ago |
| CVE-2019-20145 | An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 11.4 through 12.6.1. It has Incorrect Access Control. | CVSS3: 4.3 | 0% Low | about 6 years ago |
| CVE-2019-20146 | An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 11.0 through 12.6. It allows Uncontrolled Resource Consumption. | CVSS3: 5.3 | 0% Low | about 6 years ago |
| CVE-2020-5197 | An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 5.1 through 12.6.1. It has Incorrect Access Control. | CVSS3: 4.3 | 0% Low | about 6 years ago |
| CVE-2019-19629 | In GitLab EE 10.5 through 12.5.3, 12.4.5, and 12.3.8, when transferring a public project to a private group, private code would be disclosed via the Group Search API provided by the Elasticsearch integration. | CVSS3: 7.5 | 0% Low | about 6 years ago |
| CVE-2019-19628 | In GitLab EE 11.3 through 12.5.3, 12.4.5, and 12.3.8, insufficient parameter sanitization for the Maven package registry could lead to privilege escalation and remote code execution vulnerabilities under certain conditions. | CVSS3: 9.8 | 2% Low | about 6 years ago |
| CVE-2019-19314 | GitLab EE 8.4 through 12.5, 12.4.3, and 12.3.6 stored several tokens in plaintext. | CVSS3: 7.5 | 0% Low | about 6 years ago |