Gitlab — веб-платформа для управления проектами и репозиториями программного кода, работа которой основана на популярной системе контроля версий Git.

Релизный цикл, информация об уязвимостях

Продукт: Gitlab

Вендор: gitlab

График релизов

Недавние уязвимости Gitlab

Количество 5 203

CVE-2018-18647

около 7 лет назад

An issue was discovered in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. It has Missing Authorization.

CVSS3: 6.5

EPSS: Низкий

CVE-2018-18642

около 7 лет назад

An issue was discovered in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. It has XSS.

CVSS3: 6.1

EPSS: Низкий

CVE-2018-17975

около 7 лет назад

An issue was discovered in GitLab Community Edition 11.x before 11.1.8, 11.2.x before 11.2.5, and 11.3.x before 11.3.2. There is Information Exposure via the GFM markdown API.

CVSS3: 5.3

EPSS: Низкий

CVE-2018-18644

около 7 лет назад

An issue was discovered in GitLab Community and Enterprise Edition 11.x before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. It allows Information Exposure via a Gitlab Prometheus integration.

CVSS3: 6.5

EPSS: Низкий

CVE-2018-17939

около 7 лет назад

An issue was discovered in GitLab Community and Enterprise Edition 11.1.x before 11.1.8, 11.2.x before 11.2.5, and 11.3.x before 11.3.2. There is Information Exposure via the merge request JSON endpoint.

CVSS3: 7.5

EPSS: Низкий

CVE-2018-18645

около 7 лет назад

An issue was discovered in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. It allows for Information Exposure via unsubscribe links in email replies.

CVSS3: 4.3

EPSS: Низкий

CVE-2018-18649

около 7 лет назад

An issue was discovered in the wiki API in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. It allows for remote code execution.

CVSS3: 9.8

EPSS: Средний

CVE-2018-18649

около 7 лет назад

An issue was discovered in the wiki API in GitLab Community and Enterp ...

CVSS3: 9.8

EPSS: Средний

CVE-2018-18649

около 7 лет назад

An issue was discovered in the wiki API in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. It allows for remote code execution.

CVSS3: 9.8

EPSS: Средний

CVE-2018-16051

около 7 лет назад

An issue was discovered in GitLab Community and Enterprise Edition before 11.0.6, 11.1.x before 11.1.5, and 11.2.x before 11.2.2. There is Orphaned Upload Files Exposure.

CVSS3: 6.5

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано 1
CVE-2018-18647 An issue was discovered in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. It has Missing Authorization.	CVSS3: 6.5	0% Низкий	около 7 лет назад
CVE-2018-18642 An issue was discovered in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. It has XSS.	CVSS3: 6.1	0% Низкий	около 7 лет назад
CVE-2018-17975 An issue was discovered in GitLab Community Edition 11.x before 11.1.8, 11.2.x before 11.2.5, and 11.3.x before 11.3.2. There is Information Exposure via the GFM markdown API.	CVSS3: 5.3	0% Низкий	около 7 лет назад
CVE-2018-18644 An issue was discovered in GitLab Community and Enterprise Edition 11.x before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. It allows Information Exposure via a Gitlab Prometheus integration.	CVSS3: 6.5	0% Низкий	около 7 лет назад
CVE-2018-17939 An issue was discovered in GitLab Community and Enterprise Edition 11.1.x before 11.1.8, 11.2.x before 11.2.5, and 11.3.x before 11.3.2. There is Information Exposure via the merge request JSON endpoint.	CVSS3: 7.5	0% Низкий	около 7 лет назад
CVE-2018-18645 An issue was discovered in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. It allows for Information Exposure via unsubscribe links in email replies.	CVSS3: 4.3	0% Низкий	около 7 лет назад
CVE-2018-18649 An issue was discovered in the wiki API in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. It allows for remote code execution.	CVSS3: 9.8	55% Средний	около 7 лет назад
CVE-2018-18649 An issue was discovered in the wiki API in GitLab Community and Enterp ...	CVSS3: 9.8	55% Средний	около 7 лет назад
CVE-2018-18649 An issue was discovered in the wiki API in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. It allows for remote code execution.	CVSS3: 9.8	55% Средний	около 7 лет назад
CVE-2018-16051 An issue was discovered in GitLab Community and Enterprise Edition before 11.0.6, 11.1.x before 11.1.5, and 11.2.x before 11.2.2. There is Orphaned Upload Files Exposure.	CVSS3: 6.5	0% Низкий	около 7 лет назад

Уязвимостей на страницу