Логотип exploitDog
product: "gitlab"
Консоль
Логотип exploitDog

exploitDog

product: "gitlab"
Gitlab

Gitlabвеб-платформа для управления проектами и репозиториями программного кода, работа которой основана на популярной системе контроля версий Git.

Релизный цикл, информация об уязвимостях

Продукт: Gitlab
Вендор: gitlab

График релизов

18.518.618.7202520262027

Недавние уязвимости Gitlab

Количество 5 237

nvd логотип

CVE-2019-6791

больше 6 лет назад

An issue was discovered in GitLab Community and Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. It has Incorrect Access Control (issue 3 of 3). When a project with visibility more permissive than the target group is imported, it will retain its prior visibility.

CVSS3: 6.5
EPSS: Низкий
debian логотип

CVE-2019-6791

больше 6 лет назад

An issue was discovered in GitLab Community and Enterprise Edition bef ...

CVSS3: 6.5
EPSS: Низкий
ubuntu логотип

CVE-2019-7176

больше 6 лет назад

An issue was discovered in GitLab Community and Enterprise Edition 8.x (starting in 8.9), 9.x, 10.x, and 11.x before 11.5.9, 11.6.x before 11.6.7, and 11.7.x before 11.7.2. It has Incorrect Access Control. Guest users are able to add reaction emojis on comments to which they have no visibility.

CVSS3: 3.7
EPSS: Низкий
ubuntu логотип

CVE-2019-6791

больше 6 лет назад

An issue was discovered in GitLab Community and Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. It has Incorrect Access Control (issue 3 of 3). When a project with visibility more permissive than the target group is imported, it will retain its prior visibility.

CVSS3: 6.5
EPSS: Низкий
nvd логотип

CVE-2019-6997

больше 6 лет назад

An issue was discovered in GitLab Community and Enterprise Edition 10.x (starting in 10.7) and 11.x before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. It has Incorrect Access Control. System notes contain an access control issue that permits a guest user to view merge request titles.

CVSS3: 4.3
EPSS: Низкий
debian логотип

CVE-2019-6997

больше 6 лет назад

An issue was discovered in GitLab Community and Enterprise Edition 10. ...

CVSS3: 4.3
EPSS: Низкий
nvd логотип

CVE-2019-6996

больше 6 лет назад

An issue was discovered in GitLab Enterprise Edition 10.x (starting in 10.6) and 11.x before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. It has Incorrect Access Control. The merge request approvers section has an access control issue that permits project maintainers to view membership of private groups.

CVSS3: 4.3
EPSS: Низкий
debian логотип

CVE-2019-6996

больше 6 лет назад

An issue was discovered in GitLab Enterprise Edition 10.x (starting in ...

CVSS3: 4.3
EPSS: Низкий
nvd логотип

CVE-2019-6995

больше 6 лет назад

An issue was discovered in GitLab Community and Enterprise Edition 8.x, 9.x, 10.x, and 11.x before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. It has Incorrect Access Control. Users are able to comment on locked project issues.

CVSS3: 6.5
EPSS: Низкий
debian логотип

CVE-2019-6995

больше 6 лет назад

An issue was discovered in GitLab Community and Enterprise Edition 8.x ...

CVSS3: 6.5
EPSS: Низкий

Уязвимостей на страницу

Уязвимость
CVSS
EPSS
Опубликовано
1
nvd логотип
CVE-2019-6791

An issue was discovered in GitLab Community and Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. It has Incorrect Access Control (issue 3 of 3). When a project with visibility more permissive than the target group is imported, it will retain its prior visibility.

CVSS3: 6.5
0%
Низкий
больше 6 лет назад
debian логотип
CVE-2019-6791

An issue was discovered in GitLab Community and Enterprise Edition bef ...

CVSS3: 6.5
0%
Низкий
больше 6 лет назад
ubuntu логотип
CVE-2019-7176

An issue was discovered in GitLab Community and Enterprise Edition 8.x (starting in 8.9), 9.x, 10.x, and 11.x before 11.5.9, 11.6.x before 11.6.7, and 11.7.x before 11.7.2. It has Incorrect Access Control. Guest users are able to add reaction emojis on comments to which they have no visibility.

CVSS3: 3.7
0%
Низкий
больше 6 лет назад
ubuntu логотип
CVE-2019-6791

An issue was discovered in GitLab Community and Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. It has Incorrect Access Control (issue 3 of 3). When a project with visibility more permissive than the target group is imported, it will retain its prior visibility.

CVSS3: 6.5
0%
Низкий
больше 6 лет назад
nvd логотип
CVE-2019-6997

An issue was discovered in GitLab Community and Enterprise Edition 10.x (starting in 10.7) and 11.x before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. It has Incorrect Access Control. System notes contain an access control issue that permits a guest user to view merge request titles.

CVSS3: 4.3
0%
Низкий
больше 6 лет назад
debian логотип
CVE-2019-6997

An issue was discovered in GitLab Community and Enterprise Edition 10. ...

CVSS3: 4.3
0%
Низкий
больше 6 лет назад
nvd логотип
CVE-2019-6996

An issue was discovered in GitLab Enterprise Edition 10.x (starting in 10.6) and 11.x before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. It has Incorrect Access Control. The merge request approvers section has an access control issue that permits project maintainers to view membership of private groups.

CVSS3: 4.3
0%
Низкий
больше 6 лет назад
debian логотип
CVE-2019-6996

An issue was discovered in GitLab Enterprise Edition 10.x (starting in ...

CVSS3: 4.3
0%
Низкий
больше 6 лет назад
nvd логотип
CVE-2019-6995

An issue was discovered in GitLab Community and Enterprise Edition 8.x, 9.x, 10.x, and 11.x before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. It has Incorrect Access Control. Users are able to comment on locked project issues.

CVSS3: 6.5
0%
Низкий
больше 6 лет назад
debian логотип
CVE-2019-6995

An issue was discovered in GitLab Community and Enterprise Edition 8.x ...

CVSS3: 6.5
0%
Низкий
больше 6 лет назад

Уязвимостей на страницу

Поделиться