Gitlab — веб-платформа для управления проектами и репозиториями программного кода, работа которой основана на популярной системе контроля версий Git.
Релизный цикл, информация об уязвимостях
График релизов
Количество 5 304
CVE-2019-15589
An improper access control vulnerability exists in Gitlab <v12.3.2, <v ...
CVE-2019-15580
An information exposure vulnerability exists in gitlab.com <v12.3.2, <v12.2.6, and <v12.1.10 when using the blocking merge request feature, it was possible for an unauthenticated user to see the head pipeline data of a public project even though pipeline visibility was restricted.
CVE-2019-15580
An information exposure vulnerability exists in gitlab.com <v12.3.2, < ...
CVE-2019-15577
An information disclosure vulnerability exists in GitLab CE/EE <v12.3.2, <v12.2.6, and <v12.1.12 that allowed project milestones to be disclosed via groups browsing.
CVE-2019-15577
An information disclosure vulnerability exists in GitLab CE/EE <v12.3. ...
CVE-2019-15576
An information disclosure vulnerability exists in GitLab CE/EE <v12.3.2, <v12.2.6, and <v12.1.12 that allowed an attacker to view private system notes from a GraphQL endpoint.
CVE-2019-15576
An information disclosure vulnerability exists in GitLab CE/EE <v12.3. ...
CVE-2019-15575
A command injection exists in GitLab CE/EE <v12.3.2, <v12.2.6, and <v12.1.12 that allowed an attacker to inject commands via the API through the blobs scope.
CVE-2019-15575
A command injection exists in GitLab CE/EE <v12.3.2, <v12.2.6, and <v1 ...
CVE-2019-15589
An improper access control vulnerability exists in Gitlab <v12.3.2, <v12.2.6, <v12.1.12 which would allow a blocked user would be able to use GIT clone and pull if he had obtained a CI/CD token before.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| CVE-2019-15589 An improper access control vulnerability exists in Gitlab <v12.3.2, <v ... | CVSS3: 8.8 | 0% Низкий | около 6 лет назад |
 | CVE-2019-15580 An information exposure vulnerability exists in gitlab.com <v12.3.2, <v12.2.6, and <v12.1.10 when using the blocking merge request feature, it was possible for an unauthenticated user to see the head pipeline data of a public project even though pipeline visibility was restricted. | CVSS3: 6.5 | 0% Низкий | около 6 лет назад |
| CVE-2019-15580 An information exposure vulnerability exists in gitlab.com <v12.3.2, < ... | CVSS3: 6.5 | 0% Низкий | около 6 лет назад |
| CVE-2019-15577 An information disclosure vulnerability exists in GitLab CE/EE <v12.3.2, <v12.2.6, and <v12.1.12 that allowed project milestones to be disclosed via groups browsing. | CVSS3: 4.3 | 0% Низкий | около 6 лет назад |
| CVE-2019-15577 An information disclosure vulnerability exists in GitLab CE/EE <v12.3. ... | CVSS3: 4.3 | 0% Низкий | около 6 лет назад |
| CVE-2019-15576 An information disclosure vulnerability exists in GitLab CE/EE <v12.3.2, <v12.2.6, and <v12.1.12 that allowed an attacker to view private system notes from a GraphQL endpoint. | CVSS3: 7.5 | 1% Низкий | около 6 лет назад |
| CVE-2019-15576 An information disclosure vulnerability exists in GitLab CE/EE <v12.3. ... | CVSS3: 7.5 | 1% Низкий | около 6 лет назад |
| CVE-2019-15575 A command injection exists in GitLab CE/EE <v12.3.2, <v12.2.6, and <v12.1.12 that allowed an attacker to inject commands via the API through the blobs scope. | CVSS3: 7.5 | 3% Низкий | около 6 лет назад |
| CVE-2019-15575 A command injection exists in GitLab CE/EE <v12.3.2, <v12.2.6, and <v1 ... | CVSS3: 7.5 | 3% Низкий | около 6 лет назад |
 | CVE-2019-15589 An improper access control vulnerability exists in Gitlab <v12.3.2, <v12.2.6, <v12.1.12 which would allow a blocked user would be able to use GIT clone and pull if he had obtained a CI/CD token before. | CVSS3: 8.8 | 0% Низкий | около 6 лет назад |
Уязвимостей на страницу