Gitlab — веб-платформа для управления проектами и репозиториями программного кода, работа которой основана на популярной системе контроля версий Git.
Релизный цикл, информация об уязвимостях
График релизов
Количество 4 670
CVE-2013-4546
The repository import feature in gitlab-shell before 1.7.4, as used in GitLab, allows remote authenticated users to execute arbitrary commands via the import URL.
CVE-2013-4546
The repository import feature in gitlab-shell before 1.7.4, as used in ...
CVE-2013-4490
The SSH key upload feature (lib/gitlab_keys.rb) in gitlab-shell before 1.7.3, as used in GitLab 5.0 before 5.4.1 and 6.x before 6.2.3, allows remote authenticated users to execute arbitrary commands via shell metacharacters in the public key.
CVE-2013-4490
The SSH key upload feature (lib/gitlab_keys.rb) in gitlab-shell before ...
CVE-2013-4581
GitLab 5.0 before 5.4.2, Community Edition before 6.2.4, Enterprise Edition before 6.2.1 and gitlab-shell before 1.7.8 allows remote attackers to execute arbitrary code via a crafted change using SSH.
CVE-2013-4581
GitLab 5.0 before 5.4.2, Community Edition before 6.2.4, Enterprise Ed ...
CVE-2013-4580
GitLab before 5.4.2, Community Edition before 6.2.4, and Enterprise Edition before 6.2.1, when using a MySQL backend, allows remote attackers to impersonate arbitrary users and bypass authentication via unspecified API calls.
CVE-2013-4580
GitLab before 5.4.2, Community Edition before 6.2.4, and Enterprise Ed ...
CVE-2013-7316
Cross-site scripting (XSS) vulnerability in GitLab 6.0 and other versions before 6.5.0 allows remote attackers to inject arbitrary web script or HTML via a crafted HTML file, as demonstrated by README.html.
CVE-2013-7316
Cross-site scripting (XSS) vulnerability in GitLab 6.0 and other versi ...
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
 | CVE-2013-4546 The repository import feature in gitlab-shell before 1.7.4, as used in GitLab, allows remote authenticated users to execute arbitrary commands via the import URL. | CVSS2: 6.5 | 0% Низкий | около 11 лет назад |
| CVE-2013-4546 The repository import feature in gitlab-shell before 1.7.4, as used in ... | CVSS2: 6.5 | 0% Низкий | около 11 лет назад |
| CVE-2013-4490 The SSH key upload feature (lib/gitlab_keys.rb) in gitlab-shell before 1.7.3, as used in GitLab 5.0 before 5.4.1 and 6.x before 6.2.3, allows remote authenticated users to execute arbitrary commands via shell metacharacters in the public key. | CVSS2: 6.5 | 48% Средний | около 11 лет назад |
| CVE-2013-4490 The SSH key upload feature (lib/gitlab_keys.rb) in gitlab-shell before ... | CVSS2: 6.5 | 48% Средний | около 11 лет назад |
| CVE-2013-4581 GitLab 5.0 before 5.4.2, Community Edition before 6.2.4, Enterprise Edition before 6.2.1 and gitlab-shell before 1.7.8 allows remote attackers to execute arbitrary code via a crafted change using SSH. | CVSS2: 6.8 | 1% Низкий | около 11 лет назад |
| CVE-2013-4581 GitLab 5.0 before 5.4.2, Community Edition before 6.2.4, Enterprise Ed ... | CVSS2: 6.8 | 1% Низкий | около 11 лет назад |
| CVE-2013-4580 GitLab before 5.4.2, Community Edition before 6.2.4, and Enterprise Edition before 6.2.1, when using a MySQL backend, allows remote attackers to impersonate arbitrary users and bypass authentication via unspecified API calls. | CVSS2: 6.8 | 0% Низкий | около 11 лет назад |
| CVE-2013-4580 GitLab before 5.4.2, Community Edition before 6.2.4, and Enterprise Ed ... | CVSS2: 6.8 | 0% Низкий | около 11 лет назад |
| CVE-2013-7316 Cross-site scripting (XSS) vulnerability in GitLab 6.0 and other versions before 6.5.0 allows remote attackers to inject arbitrary web script or HTML via a crafted HTML file, as demonstrated by README.html. | CVSS2: 4.3 | 1% Низкий | больше 11 лет назад |
| CVE-2013-7316 Cross-site scripting (XSS) vulnerability in GitLab 6.0 and other versi ... | CVSS2: 4.3 | 1% Низкий | больше 11 лет назад |
Уязвимостей на страницу