Gitlab — веб-платформа для управления проектами и репозиториями программного кода, работа которой основана на популярной системе контроля версий Git.
Релизный цикл, информация об уязвимостях
График релизов
Количество 5 268
CVE-2019-10115
An Insecure Permissions issue (issue 2 of 3) was discovered in GitLab ...
CVE-2019-10114
An Information Exposure issue (issue 2 of 2) was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. During the OAuth authentication process, the application attempts to validate a parameter in an insecure way, potentially exposing data.
CVE-2019-10114
An Information Exposure issue (issue 2 of 2) was discovered in GitLab ...
CVE-2019-10113
An issue was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. Making concurrent GET /api/v4/projects/<id>/languages requests may allow Uncontrolled Resource Consumption.
CVE-2019-10113
An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2019-10116
An Insecure Permissions issue (issue 3 of 3) was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. Guests of a project were allowed to see Related Branches created for an issue.
CVE-2019-10114
An Information Exposure issue (issue 2 of 2) was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. During the OAuth authentication process, the application attempts to validate a parameter in an insecure way, potentially exposing data.
CVE-2019-10117
An Open Redirect issue was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. A redirect is triggered after successful authentication within the Oauth/:GeoAuthController for the secondary Geo node.
CVE-2019-10115
An Insecure Permissions issue (issue 2 of 3) was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. The GitLab Releases feature could allow guest users access to private information like release details and code information.
CVE-2019-10113
An issue was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. Making concurrent GET /api/v4/projects/<id>/languages requests may allow Uncontrolled Resource Consumption.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| CVE-2019-10115 An Insecure Permissions issue (issue 2 of 3) was discovered in GitLab ... | CVSS3: 6.5 | 0% Низкий | больше 6 лет назад |
 | CVE-2019-10114 An Information Exposure issue (issue 2 of 2) was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. During the OAuth authentication process, the application attempts to validate a parameter in an insecure way, potentially exposing data. | CVSS3: 7.5 | 0% Низкий | больше 6 лет назад |
| CVE-2019-10114 An Information Exposure issue (issue 2 of 2) was discovered in GitLab ... | CVSS3: 7.5 | 0% Низкий | больше 6 лет назад |
| CVE-2019-10113 An issue was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. Making concurrent GET /api/v4/projects/<id>/languages requests may allow Uncontrolled Resource Consumption. | CVSS3: 7.5 | 0% Низкий | больше 6 лет назад |
| CVE-2019-10113 An issue was discovered in GitLab Community and Enterprise Edition bef ... | CVSS3: 7.5 | 0% Низкий | больше 6 лет назад |
 | CVE-2019-10116 An Insecure Permissions issue (issue 3 of 3) was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. Guests of a project were allowed to see Related Branches created for an issue. | CVSS3: 4.3 | 0% Низкий | больше 6 лет назад |
| CVE-2019-10114 An Information Exposure issue (issue 2 of 2) was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. During the OAuth authentication process, the application attempts to validate a parameter in an insecure way, potentially exposing data. | CVSS3: 7.5 | 0% Низкий | больше 6 лет назад |
| CVE-2019-10117 An Open Redirect issue was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. A redirect is triggered after successful authentication within the Oauth/:GeoAuthController for the secondary Geo node. | CVSS3: 6.1 | 0% Низкий | больше 6 лет назад |
| CVE-2019-10115 An Insecure Permissions issue (issue 2 of 3) was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. The GitLab Releases feature could allow guest users access to private information like release details and code information. | CVSS3: 6.5 | 0% Низкий | больше 6 лет назад |
| CVE-2019-10113 An issue was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. Making concurrent GET /api/v4/projects/<id>/languages requests may allow Uncontrolled Resource Consumption. | CVSS3: 7.5 | 0% Низкий | больше 6 лет назад |
Уязвимостей на страницу