Gitlab — веб-платформа для управления проектами и репозиториями программного кода, работа которой основана на популярной системе контроля версий Git.
Релизный цикл, информация об уязвимостях
График релизов
Количество 5 324
CVE-2018-19582
GitLab EE, versions 11.4 before 11.4.8 and 11.5 before 11.5.1, is affected by an insecure direct object reference vulnerability that permits an unauthorized user to publish the draft merge request comments of another user.
CVE-2018-19582
GitLab EE, versions 11.4 before 11.4.8 and 11.5 before 11.5.1, is affe ...
CVE-2018-19581
GitLab EE, versions 8.3 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, is vulnerable to an insecure object reference vulnerability that allows a Guest user to set the weight of an issue they create.
CVE-2018-19581
GitLab EE, versions 8.3 up to 11.x before 11.3.11, 11.4 before 11.4.8, ...
CVE-2018-19580
All versions of GitLab prior to 11.5.1, 11.4.8, and 11.3.11 do not send an email to the old email address when an email address change is made.
CVE-2018-19580
All versions of GitLab prior to 11.5.1, 11.4.8, and 11.3.11 do not sen ...
CVE-2018-19579
GitLab EE version 11.5 is vulnerable to a persistent XSS vulnerability in the Operations page. This is fixed in 11.5.1.
CVE-2018-19579
GitLab EE version 11.5 is vulnerable to a persistent XSS vulnerability ...
CVE-2018-19578
GitLab EE, version 11.5 before 11.5.1, is vulnerable to an insecure object reference issue that permits a user with Reporter privileges to view the Jaeger Tracing Operations page.
CVE-2018-19578
GitLab EE, version 11.5 before 11.5.1, is vulnerable to an insecure ob ...
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
 | CVE-2018-19582 GitLab EE, versions 11.4 before 11.4.8 and 11.5 before 11.5.1, is affected by an insecure direct object reference vulnerability that permits an unauthorized user to publish the draft merge request comments of another user. | CVSS3: 4.3 | 0% Низкий | больше 6 лет назад |
| CVE-2018-19582 GitLab EE, versions 11.4 before 11.4.8 and 11.5 before 11.5.1, is affe ... | CVSS3: 4.3 | 0% Низкий | больше 6 лет назад |
| CVE-2018-19581 GitLab EE, versions 8.3 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, is vulnerable to an insecure object reference vulnerability that allows a Guest user to set the weight of an issue they create. | CVSS3: 7.5 | 0% Низкий | больше 6 лет назад |
| CVE-2018-19581 GitLab EE, versions 8.3 up to 11.x before 11.3.11, 11.4 before 11.4.8, ... | CVSS3: 7.5 | 0% Низкий | больше 6 лет назад |
| CVE-2018-19580 All versions of GitLab prior to 11.5.1, 11.4.8, and 11.3.11 do not send an email to the old email address when an email address change is made. | CVSS3: 5.3 | 0% Низкий | больше 6 лет назад |
| CVE-2018-19580 All versions of GitLab prior to 11.5.1, 11.4.8, and 11.3.11 do not sen ... | CVSS3: 5.3 | 0% Низкий | больше 6 лет назад |
| CVE-2018-19579 GitLab EE version 11.5 is vulnerable to a persistent XSS vulnerability in the Operations page. This is fixed in 11.5.1. | CVSS3: 5.4 | 0% Низкий | больше 6 лет назад |
| CVE-2018-19579 GitLab EE version 11.5 is vulnerable to a persistent XSS vulnerability ... | CVSS3: 5.4 | 0% Низкий | больше 6 лет назад |
| CVE-2018-19578 GitLab EE, version 11.5 before 11.5.1, is vulnerable to an insecure object reference issue that permits a user with Reporter privileges to view the Jaeger Tracing Operations page. | CVSS3: 6.5 | 0% Низкий | больше 6 лет назад |
| CVE-2018-19578 GitLab EE, version 11.5 before 11.5.1, is vulnerable to an insecure ob ... | CVSS3: 6.5 | 0% Низкий | больше 6 лет назад |
Уязвимостей на страницу