Логотип exploitDog
product: "gitlab"
Консоль
Логотип exploitDog

exploitDog

product: "gitlab"
Gitlab

Gitlabвеб-платформа для управления проектами и репозиториями программного кода, работа которой основана на популярной системе контроля версий Git.

Релизный цикл, информация об уязвимостях

Продукт: Gitlab
Вендор: gitlab

График релизов

18.018.118.220252026

Недавние уязвимости Gitlab

Количество 4 663

debian логотип

CVE-2017-11438

около 8 лет назад

GitLab Community Edition (CE) and Enterprise Edition (EE) before 9.0.1 ...

CVSS3: 6.3
EPSS: Низкий
nvd логотип

CVE-2017-11437

около 8 лет назад

GitLab Enterprise Edition (EE) before 8.17.7, 9.0.11, 9.1.8, 9.2.8, and 9.3.8 allows an authenticated user with the ability to create a project to use the mirroring feature to potentially read repositories belonging to other users.

CVSS3: 6.5
EPSS: Низкий
debian логотип

CVE-2017-11437

около 8 лет назад

GitLab Enterprise Edition (EE) before 8.17.7, 9.0.11, 9.1.8, 9.2.8, an ...

CVSS3: 6.5
EPSS: Низкий
ubuntu логотип

CVE-2017-11437

около 8 лет назад

GitLab Enterprise Edition (EE) before 8.17.7, 9.0.11, 9.1.8, 9.2.8, and 9.3.8 allows an authenticated user with the ability to create a project to use the mirroring feature to potentially read repositories belonging to other users.

CVSS3: 6.5
EPSS: Низкий
ubuntu логотип

CVE-2017-11438

около 8 лет назад

GitLab Community Edition (CE) and Enterprise Edition (EE) before 9.0.11, 9.1.8, 9.2.8 allow an authenticated user with the ability to create a group to add themselves to any project that is inside a subgroup.

CVSS3: 6.3
EPSS: Низкий
nvd логотип

CVE-2017-8778

больше 8 лет назад

GitLab before 8.14.9, 8.15.x before 8.15.6, and 8.16.x before 8.16.5 has XSS via a SCRIPT element in an issue attachment or avatar that is an SVG document.

CVSS3: 6.1
EPSS: Низкий
debian логотип

CVE-2017-8778

больше 8 лет назад

GitLab before 8.14.9, 8.15.x before 8.15.6, and 8.16.x before 8.16.5 h ...

CVSS3: 6.1
EPSS: Низкий
ubuntu логотип

CVE-2017-8778

больше 8 лет назад

GitLab before 8.14.9, 8.15.x before 8.15.6, and 8.16.x before 8.16.5 has XSS via a SCRIPT element in an issue attachment or avatar that is an SVG document.

CVSS3: 6.1
EPSS: Низкий
nvd логотип

CVE-2017-0882

больше 8 лет назад

Multiple versions of GitLab expose sensitive user credentials when assigning a user to an issue or merge request. A fix was included in versions 8.15.8, 8.16.7, and 8.17.4, which were released on March 20th 2017 at 23:59 UTC.

CVSS3: 6.3
EPSS: Низкий
debian логотип

CVE-2017-0882

больше 8 лет назад

Multiple versions of GitLab expose sensitive user credentials when ass ...

CVSS3: 6.3
EPSS: Низкий

Уязвимостей на страницу

Уязвимость
CVSS
EPSS
Опубликовано
1
debian логотип
CVE-2017-11438

GitLab Community Edition (CE) and Enterprise Edition (EE) before 9.0.1 ...

CVSS3: 6.3
0%
Низкий
около 8 лет назад
nvd логотип
CVE-2017-11437

GitLab Enterprise Edition (EE) before 8.17.7, 9.0.11, 9.1.8, 9.2.8, and 9.3.8 allows an authenticated user with the ability to create a project to use the mirroring feature to potentially read repositories belonging to other users.

CVSS3: 6.5
0%
Низкий
около 8 лет назад
debian логотип
CVE-2017-11437

GitLab Enterprise Edition (EE) before 8.17.7, 9.0.11, 9.1.8, 9.2.8, an ...

CVSS3: 6.5
0%
Низкий
около 8 лет назад
ubuntu логотип
CVE-2017-11437

GitLab Enterprise Edition (EE) before 8.17.7, 9.0.11, 9.1.8, 9.2.8, and 9.3.8 allows an authenticated user with the ability to create a project to use the mirroring feature to potentially read repositories belonging to other users.

CVSS3: 6.5
0%
Низкий
около 8 лет назад
ubuntu логотип
CVE-2017-11438

GitLab Community Edition (CE) and Enterprise Edition (EE) before 9.0.11, 9.1.8, 9.2.8 allow an authenticated user with the ability to create a group to add themselves to any project that is inside a subgroup.

CVSS3: 6.3
0%
Низкий
около 8 лет назад
nvd логотип
CVE-2017-8778

GitLab before 8.14.9, 8.15.x before 8.15.6, and 8.16.x before 8.16.5 has XSS via a SCRIPT element in an issue attachment or avatar that is an SVG document.

CVSS3: 6.1
0%
Низкий
больше 8 лет назад
debian логотип
CVE-2017-8778

GitLab before 8.14.9, 8.15.x before 8.15.6, and 8.16.x before 8.16.5 h ...

CVSS3: 6.1
0%
Низкий
больше 8 лет назад
ubuntu логотип
CVE-2017-8778

GitLab before 8.14.9, 8.15.x before 8.15.6, and 8.16.x before 8.16.5 has XSS via a SCRIPT element in an issue attachment or avatar that is an SVG document.

CVSS3: 6.1
0%
Низкий
больше 8 лет назад
nvd логотип
CVE-2017-0882

Multiple versions of GitLab expose sensitive user credentials when assigning a user to an issue or merge request. A fix was included in versions 8.15.8, 8.16.7, and 8.17.4, which were released on March 20th 2017 at 23:59 UTC.

CVSS3: 6.3
0%
Низкий
больше 8 лет назад
debian логотип
CVE-2017-0882

Multiple versions of GitLab expose sensitive user credentials when ass ...

CVSS3: 6.3
0%
Низкий
больше 8 лет назад

Уязвимостей на страницу


Поделиться