Gitlab — веб-платформа для управления проектами и репозиториями программного кода, работа которой основана на популярной системе контроля версий Git.
Релизный цикл, информация об уязвимостях
График релизов
Количество 5 336
CVE-2018-19571
GitLab CE/EE, versions 8.18 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an SSRF vulnerability in webhooks.
CVE-2018-19582
GitLab EE, versions 11.4 before 11.4.8 and 11.5 before 11.5.1, is affected by an insecure direct object reference vulnerability that permits an unauthorized user to publish the draft merge request comments of another user.
CVE-2018-19576
GitLab CE/EE, versions 8.6 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an access control issue that allows a Guest user to make changes to or delete their own comments on an issue, after the issue was made Confidential.
CVE-2018-19576
GitLab CE/EE, versions 8.6 up to 11.x before 11.3.11, 11.4 before 11.4 ...
CVE-2018-19575
GitLab CE/EE, versions 10.1 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an insecure direct object reference issue that allows a user to make comments on a locked issue.
CVE-2018-19575
GitLab CE/EE, versions 10.1 up to 11.x before 11.3.11, 11.4 before 11. ...
CVE-2018-19574
GitLab CE/EE, versions 7.6 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an XSS vulnerability in the OAuth authorization page.
CVE-2018-19574
GitLab CE/EE, versions 7.6 up to 11.x before 11.3.11, 11.4 before 11.4 ...
CVE-2018-19573
GitLab CE/EE, versions 10.3 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an XSS vulnerability in Markdown fields via Mermaid.
CVE-2018-19573
GitLab CE/EE, versions 10.3 up to 11.x before 11.3.11, 11.4 before 11. ...
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
 | CVE-2018-19571 GitLab CE/EE, versions 8.18 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an SSRF vulnerability in webhooks. | CVSS3: 7.7 | 35% Средний | больше 6 лет назад |
| CVE-2018-19582 GitLab EE, versions 11.4 before 11.4.8 and 11.5 before 11.5.1, is affected by an insecure direct object reference vulnerability that permits an unauthorized user to publish the draft merge request comments of another user. | CVSS3: 4.3 | 0% Низкий | больше 6 лет назад |
 | CVE-2018-19576 GitLab CE/EE, versions 8.6 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an access control issue that allows a Guest user to make changes to or delete their own comments on an issue, after the issue was made Confidential. | CVSS3: 8.1 | 0% Низкий | больше 6 лет назад |
| CVE-2018-19576 GitLab CE/EE, versions 8.6 up to 11.x before 11.3.11, 11.4 before 11.4 ... | CVSS3: 8.1 | 0% Низкий | больше 6 лет назад |
| CVE-2018-19575 GitLab CE/EE, versions 10.1 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an insecure direct object reference issue that allows a user to make comments on a locked issue. | CVSS3: 4.3 | 0% Низкий | больше 6 лет назад |
| CVE-2018-19575 GitLab CE/EE, versions 10.1 up to 11.x before 11.3.11, 11.4 before 11. ... | CVSS3: 4.3 | 0% Низкий | больше 6 лет назад |
| CVE-2018-19574 GitLab CE/EE, versions 7.6 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an XSS vulnerability in the OAuth authorization page. | CVSS3: 5.4 | 0% Низкий | больше 6 лет назад |
| CVE-2018-19574 GitLab CE/EE, versions 7.6 up to 11.x before 11.3.11, 11.4 before 11.4 ... | CVSS3: 5.4 | 0% Низкий | больше 6 лет назад |
| CVE-2018-19573 GitLab CE/EE, versions 10.3 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an XSS vulnerability in Markdown fields via Mermaid. | CVSS3: 5.4 | 0% Низкий | больше 6 лет назад |
| CVE-2018-19573 GitLab CE/EE, versions 10.3 up to 11.x before 11.3.11, 11.4 before 11. ... | CVSS3: 5.4 | 0% Низкий | больше 6 лет назад |
Уязвимостей на страницу