Gitlab — веб-платформа для управления проектами и репозиториями программного кода, работа которой основана на популярной системе контроля версий Git.
Релизный цикл, информация об уязвимостях
График релизов
Количество 5 203
CVE-2018-14364
GitLab Community and Enterprise Edition before 10.7.7, 10.8.x before 10.8.6, and 11.x before 11.0.4 allows Directory Traversal with write access and resultant remote code execution via the GitLab projects import component.
CVE-2017-0921
GitLab Community and Enterprise Editions before 10.1.6, 10.2.6, and 10.3.4 are vulnerable to an unverified password change issue in the PasswordsController component resulting in potential account takeover if a victim's session is compromised.
CVE-2017-0921
GitLab Community and Enterprise Editions before 10.1.6, 10.2.6, and 10 ...
CVE-2017-0919
GitLab Community and Enterprise Editions before 10.1.6, 10.2.6, and 10.3.4 are vulnerable to an authorization bypass issue in the GitLab import component resulting in an attacker being able to perform operations under a group in which they were previously unauthorized.
CVE-2017-0919
GitLab Community and Enterprise Editions before 10.1.6, 10.2.6, and 10 ...
CVE-2017-0921
GitLab Community and Enterprise Editions before 10.1.6, 10.2.6, and 10.3.4 are vulnerable to an unverified password change issue in the PasswordsController component resulting in potential account takeover if a victim's session is compromised.
CVE-2017-0919
GitLab Community and Enterprise Editions before 10.1.6, 10.2.6, and 10.3.4 are vulnerable to an authorization bypass issue in the GitLab import component resulting in an attacker being able to perform operations under a group in which they were previously unauthorized.
CVE-2018-10379
An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) before 10.5.8, 10.6.x before 10.6.5, and 10.7.x before 10.7.2. The Move Issue feature contained a persistent XSS vulnerability.
CVE-2018-10379
An issue was discovered in GitLab Community Edition (CE) and Enterpris ...
CVE-2018-10379
An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) before 10.5.8, 10.6.x before 10.6.5, and 10.7.x before 10.7.2. The Move Issue feature contained a persistent XSS vulnerability.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
 | CVE-2018-14364 GitLab Community and Enterprise Edition before 10.7.7, 10.8.x before 10.8.6, and 11.x before 11.0.4 allows Directory Traversal with write access and resultant remote code execution via the GitLab projects import component. | CVSS3: 9.8 | 39% Средний | больше 7 лет назад |
 | CVE-2017-0921 GitLab Community and Enterprise Editions before 10.1.6, 10.2.6, and 10.3.4 are vulnerable to an unverified password change issue in the PasswordsController component resulting in potential account takeover if a victim's session is compromised. | CVSS3: 8.1 | 0% Низкий | больше 7 лет назад |
| CVE-2017-0921 GitLab Community and Enterprise Editions before 10.1.6, 10.2.6, and 10 ... | CVSS3: 8.1 | 0% Низкий | больше 7 лет назад |
| CVE-2017-0919 GitLab Community and Enterprise Editions before 10.1.6, 10.2.6, and 10.3.4 are vulnerable to an authorization bypass issue in the GitLab import component resulting in an attacker being able to perform operations under a group in which they were previously unauthorized. | CVSS3: 7.5 | 0% Низкий | больше 7 лет назад |
| CVE-2017-0919 GitLab Community and Enterprise Editions before 10.1.6, 10.2.6, and 10 ... | CVSS3: 7.5 | 0% Низкий | больше 7 лет назад |
| CVE-2017-0921 GitLab Community and Enterprise Editions before 10.1.6, 10.2.6, and 10.3.4 are vulnerable to an unverified password change issue in the PasswordsController component resulting in potential account takeover if a victim's session is compromised. | CVSS3: 8.1 | 0% Низкий | больше 7 лет назад |
| CVE-2017-0919 GitLab Community and Enterprise Editions before 10.1.6, 10.2.6, and 10.3.4 are vulnerable to an authorization bypass issue in the GitLab import component resulting in an attacker being able to perform operations under a group in which they were previously unauthorized. | CVSS3: 7.5 | 0% Низкий | больше 7 лет назад |
| CVE-2018-10379 An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) before 10.5.8, 10.6.x before 10.6.5, and 10.7.x before 10.7.2. The Move Issue feature contained a persistent XSS vulnerability. | CVSS3: 6.1 | 0% Низкий | больше 7 лет назад |
| CVE-2018-10379 An issue was discovered in GitLab Community Edition (CE) and Enterpris ... | CVSS3: 6.1 | 0% Низкий | больше 7 лет назад |
| CVE-2018-10379 An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) before 10.5.8, 10.6.x before 10.6.5, and 10.7.x before 10.7.2. The Move Issue feature contained a persistent XSS vulnerability. | CVSS3: 6.1 | 0% Низкий | больше 7 лет назад |
Уязвимостей на страницу