Gitlab — веб-платформа для управления проектами и репозиториями программного кода, работа которой основана на популярной системе контроля версий Git.

Релизный цикл, информация об уязвимостях

Продукт: Gitlab

Вендор: gitlab

График релизов

Недавние уязвимости Gitlab

Количество 5 276

CVE-2019-10114

больше 6 лет назад

An Information Exposure issue (issue 2 of 2) was discovered in GitLab ...

CVSS3: 7.5

EPSS: Низкий

CVE-2019-10113

больше 6 лет назад

An issue was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. Making concurrent GET /api/v4/projects/<id>/languages requests may allow Uncontrolled Resource Consumption.

CVSS3: 7.5

EPSS: Низкий

CVE-2019-10113

больше 6 лет назад

An issue was discovered in GitLab Community and Enterprise Edition bef ...

CVSS3: 7.5

EPSS: Низкий

CVE-2019-10116

больше 6 лет назад

An Insecure Permissions issue (issue 3 of 3) was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. Guests of a project were allowed to see Related Branches created for an issue.

CVSS3: 4.3

EPSS: Низкий

CVE-2019-10113

больше 6 лет назад

CVSS3: 7.5

EPSS: Низкий

CVE-2019-10117

больше 6 лет назад

An Open Redirect issue was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. A redirect is triggered after successful authentication within the Oauth/:GeoAuthController for the secondary Geo node.

CVSS3: 6.1

EPSS: Низкий

CVE-2019-10114

больше 6 лет назад

An Information Exposure issue (issue 2 of 2) was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. During the OAuth authentication process, the application attempts to validate a parameter in an insecure way, potentially exposing data.

CVSS3: 7.5

EPSS: Низкий

CVE-2019-10115

больше 6 лет назад

An Insecure Permissions issue (issue 2 of 3) was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. The GitLab Releases feature could allow guest users access to private information like release details and code information.

CVSS3: 6.5

EPSS: Низкий

CVE-2019-10111

больше 6 лет назад

An issue was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. It allows persistent XSS in the merge request "resolve conflicts" page.

CVSS3: 5.4

EPSS: Низкий

CVE-2019-10111

больше 6 лет назад

An issue was discovered in GitLab Community and Enterprise Edition bef ...

CVSS3: 5.4

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано 1
CVE-2019-10114 An Information Exposure issue (issue 2 of 2) was discovered in GitLab ...	CVSS3: 7.5	0% Низкий	больше 6 лет назад
CVE-2019-10113 An issue was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. Making concurrent GET /api/v4/projects/<id>/languages requests may allow Uncontrolled Resource Consumption.	CVSS3: 7.5	0% Низкий	больше 6 лет назад
CVE-2019-10113 An issue was discovered in GitLab Community and Enterprise Edition bef ...	CVSS3: 7.5	0% Низкий	больше 6 лет назад
CVE-2019-10116 An Insecure Permissions issue (issue 3 of 3) was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. Guests of a project were allowed to see Related Branches created for an issue.	CVSS3: 4.3	0% Низкий	больше 6 лет назад
CVE-2019-10113 An issue was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. Making concurrent GET /api/v4/projects/<id>/languages requests may allow Uncontrolled Resource Consumption.	CVSS3: 7.5	0% Низкий	больше 6 лет назад
CVE-2019-10117 An Open Redirect issue was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. A redirect is triggered after successful authentication within the Oauth/:GeoAuthController for the secondary Geo node.	CVSS3: 6.1	0% Низкий	больше 6 лет назад
CVE-2019-10114 An Information Exposure issue (issue 2 of 2) was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. During the OAuth authentication process, the application attempts to validate a parameter in an insecure way, potentially exposing data.	CVSS3: 7.5	0% Низкий	больше 6 лет назад
CVE-2019-10115 An Insecure Permissions issue (issue 2 of 3) was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. The GitLab Releases feature could allow guest users access to private information like release details and code information.	CVSS3: 6.5	0% Низкий	больше 6 лет назад
CVE-2019-10111 An issue was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. It allows persistent XSS in the merge request "resolve conflicts" page.	CVSS3: 5.4	0% Низкий	больше 6 лет назад
CVE-2019-10111 An issue was discovered in GitLab Community and Enterprise Edition bef ...	CVSS3: 5.4	0% Низкий	больше 6 лет назад

Уязвимостей на страницу