Gitlab — веб-платформа для управления проектами и репозиториями программного кода, работа которой основана на популярной системе контроля версий Git.

Релизный цикл, информация об уязвимостях

Продукт: Gitlab

Вендор: gitlab

График релизов

Недавние уязвимости Gitlab

Количество 5 203

CVE-2019-10300

больше 6 лет назад

A cross-site request forgery vulnerability in Jenkins GitLab Plugin 1.5.11 and earlier in the GitLabConnectionConfig#doTestConnection form validation method allowed attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

CVSS3: 8

EPSS: Низкий

CVE-2019-9890

больше 6 лет назад

An issue was discovered in GitLab Community and Enterprise Edition 10.x and 11.x before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Insecure Permissions.

CVSS3: 9.1

EPSS: Низкий

CVE-2019-9890

больше 6 лет назад

An issue was discovered in GitLab Community and Enterprise Edition 10. ...

CVSS3: 9.1

EPSS: Низкий

CVE-2019-9756

больше 6 лет назад

An issue was discovered in GitLab Community and Enterprise Edition 10.x (starting from 10.8) and 11.x before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Incorrect Access Control, a different vulnerability than CVE-2019-9732.

CVSS3: 9.8

EPSS: Низкий

CVE-2019-9756

больше 6 лет назад

An issue was discovered in GitLab Community and Enterprise Edition 10. ...

CVSS3: 9.8

EPSS: Низкий

CVE-2019-9225

больше 6 лет назад

An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Incorrect Access Control (issue 5 of 5).

CVSS3: 5.3

EPSS: Низкий

CVE-2019-9225

больше 6 лет назад

An issue was discovered in GitLab Community and Enterprise Edition bef ...

CVSS3: 5.3

EPSS: Низкий

CVE-2019-9224

больше 6 лет назад

An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Incorrect Access Control (issue 4 of 5).

CVSS3: 5.3

EPSS: Низкий

CVE-2019-9224

больше 6 лет назад

An issue was discovered in GitLab Community and Enterprise Edition bef ...

CVSS3: 5.3

EPSS: Низкий

CVE-2019-9223

больше 6 лет назад

An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It allows Information Exposure.

CVSS3: 7.5

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано 1
CVE-2019-10300 A cross-site request forgery vulnerability in Jenkins GitLab Plugin 1.5.11 and earlier in the GitLabConnectionConfig#doTestConnection form validation method allowed attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.	CVSS3: 8	0% Низкий	больше 6 лет назад
CVE-2019-9890 An issue was discovered in GitLab Community and Enterprise Edition 10.x and 11.x before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Insecure Permissions.	CVSS3: 9.1	0% Низкий	больше 6 лет назад
CVE-2019-9890 An issue was discovered in GitLab Community and Enterprise Edition 10. ...	CVSS3: 9.1	0% Низкий	больше 6 лет назад
CVE-2019-9756 An issue was discovered in GitLab Community and Enterprise Edition 10.x (starting from 10.8) and 11.x before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Incorrect Access Control, a different vulnerability than CVE-2019-9732.	CVSS3: 9.8	0% Низкий	больше 6 лет назад
CVE-2019-9756 An issue was discovered in GitLab Community and Enterprise Edition 10. ...	CVSS3: 9.8	0% Низкий	больше 6 лет назад
CVE-2019-9225 An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Incorrect Access Control (issue 5 of 5).	CVSS3: 5.3	0% Низкий	больше 6 лет назад
CVE-2019-9225 An issue was discovered in GitLab Community and Enterprise Edition bef ...	CVSS3: 5.3	0% Низкий	больше 6 лет назад
CVE-2019-9224 An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Incorrect Access Control (issue 4 of 5).	CVSS3: 5.3	0% Низкий	больше 6 лет назад
CVE-2019-9224 An issue was discovered in GitLab Community and Enterprise Edition bef ...	CVSS3: 5.3	0% Низкий	больше 6 лет назад
CVE-2019-9223 An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It allows Information Exposure.	CVSS3: 7.5	0% Низкий	больше 6 лет назад

Уязвимостей на страницу