Gitlab — веб-платформа для управления проектами и репозиториями программного кода, работа которой основана на популярной системе контроля версий Git.
Релизный цикл, информация об уязвимостях
График релизов
Количество 5 332
CVE-2019-9218
An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Incorrect Access Control (issue 1 of 5).
CVE-2019-7549
An issue was discovered in GitLab Community and Enterprise Edition 10.x and 11.x before 11.5.10, 11.6.x before 11.6.8, and 11.7.x before 11.7.3. It has Incorrect Access Control. The GitLab pipelines feature is vulnerable to authorization issues that allow unauthorized users to view job information.
CVE-2019-7353
An Incorrect Access Control issue was discovered in GitLab Community and Enterprise Edition 11.7.x before 11.7.4. GitLab Releases were vulnerable to an authorization issue that allowed users to view confidential issue and merge request titles of other projects.
CVE-2019-7353
An Incorrect Access Control issue was discovered in GitLab Community a ...
CVE-2019-7353
An Incorrect Access Control issue was discovered in GitLab Community and Enterprise Edition 11.7.x before 11.7.4. GitLab Releases were vulnerable to an authorization issue that allowed users to view confidential issue and merge request titles of other projects.
CVE-2019-6797
An information disclosure issue was discovered in GitLab Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. The GitHub token used in CI/CD for External Repos was being leaked to project maintainers in the UI.
CVE-2019-6797
An information disclosure issue was discovered in GitLab Enterprise Ed ...
CVE-2019-6790
An Incorrect Access Control (issue 2 of 3) issue was discovered in GitLab Community and Enterprise Edition 8.14 and later but before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. Guest users were able to view the list of a group's merge requests.
CVE-2019-6790
An Incorrect Access Control (issue 2 of 3) issue was discovered in Git ...
CVE-2019-6787
An Incorrect Access Control issue was discovered in GitLab Community and Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. The GitLab API allowed project Maintainers and Owners to view the trigger tokens of other project users.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
 | CVE-2019-9218 An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Incorrect Access Control (issue 1 of 5). | CVSS3: 9.8 | 0% Низкий | больше 6 лет назад |
| CVE-2019-7549 An issue was discovered in GitLab Community and Enterprise Edition 10.x and 11.x before 11.5.10, 11.6.x before 11.6.8, and 11.7.x before 11.7.3. It has Incorrect Access Control. The GitLab pipelines feature is vulnerable to authorization issues that allow unauthorized users to view job information. | CVSS3: 4.3 | 0% Низкий | больше 6 лет назад |
 | CVE-2019-7353 An Incorrect Access Control issue was discovered in GitLab Community and Enterprise Edition 11.7.x before 11.7.4. GitLab Releases were vulnerable to an authorization issue that allowed users to view confidential issue and merge request titles of other projects. | CVSS3: 9.1 | 0% Низкий | больше 6 лет назад |
| CVE-2019-7353 An Incorrect Access Control issue was discovered in GitLab Community a ... | CVSS3: 9.1 | 0% Низкий | больше 6 лет назад |
| CVE-2019-7353 An Incorrect Access Control issue was discovered in GitLab Community and Enterprise Edition 11.7.x before 11.7.4. GitLab Releases were vulnerable to an authorization issue that allowed users to view confidential issue and merge request titles of other projects. | CVSS3: 9.1 | 0% Низкий | больше 6 лет назад |
| CVE-2019-6797 An information disclosure issue was discovered in GitLab Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. The GitHub token used in CI/CD for External Repos was being leaked to project maintainers in the UI. | CVSS3: 7.5 | 0% Низкий | больше 6 лет назад |
| CVE-2019-6797 An information disclosure issue was discovered in GitLab Enterprise Ed ... | CVSS3: 7.5 | 0% Низкий | больше 6 лет назад |
| CVE-2019-6790 An Incorrect Access Control (issue 2 of 3) issue was discovered in GitLab Community and Enterprise Edition 8.14 and later but before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. Guest users were able to view the list of a group's merge requests. | CVSS3: 4.3 | 0% Низкий | больше 6 лет назад |
| CVE-2019-6790 An Incorrect Access Control (issue 2 of 3) issue was discovered in Git ... | CVSS3: 4.3 | 0% Низкий | больше 6 лет назад |
| CVE-2019-6787 An Incorrect Access Control issue was discovered in GitLab Community and Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. The GitLab API allowed project Maintainers and Owners to view the trigger tokens of other project users. | CVSS3: 6.5 | 0% Низкий | больше 6 лет назад |
Уязвимостей на страницу