Gitlab — веб-платформа для управления проектами и репозиториями программного кода, работа которой основана на популярной системе контроля версий Git.
Релизный цикл, информация об уязвимостях
График релизов
Количество 5 324
CVE-2018-12605
An issue was discovered in GitLab Community Edition and Enterprise Edition 10.7.x before 10.7.6. The usage of 'url_for' contained a XSS issue due to it allowing arbitrary protocols as a parameter.
CVE-2018-14606
An issue was discovered in GitLab Community and Enterprise Edition before 10.8.7, 11.0.x before 11.0.5, and 11.1.x before 11.1.2. XSS can occur via a Milestone name during a promotion.
CVE-2018-14606
An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2018-14605
An issue was discovered in GitLab Community and Enterprise Edition before 10.8.7, 11.0.x before 11.0.5, and 11.1.x before 11.1.2. XSS can occur in the branch name during a Web IDE file commit.
CVE-2018-14605
An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2018-14604
An issue was discovered in GitLab Community and Enterprise Edition before 10.8.7, 11.0.x before 11.0.5, and 11.1.x before 11.1.2. XSS can occur in the tooltip of the job inside the CI/CD pipeline.
CVE-2018-14604
An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2018-14603
An issue was discovered in GitLab Community and Enterprise Edition before 10.8.7, 11.0.x before 11.0.5, and 11.1.x before 11.1.2. CSRF can occur in the Test feature of the System Hooks component.
CVE-2018-14603
An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2018-14602
An issue was discovered in GitLab Community and Enterprise Edition before 10.8.7, 11.0.x before 11.0.5, and 11.1.x before 11.1.2. Information Disclosure can occur because the Prometheus metrics feature discloses private project pathnames.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
CVE-2018-12605 An issue was discovered in GitLab Community Edition and Enterprise Edition 10.7.x before 10.7.6. The usage of 'url_for' contained a XSS issue due to it allowing arbitrary protocols as a parameter. | CVSS3: 5.4 | 0% Низкий | больше 7 лет назад | |
CVE-2018-14606 An issue was discovered in GitLab Community and Enterprise Edition before 10.8.7, 11.0.x before 11.0.5, and 11.1.x before 11.1.2. XSS can occur via a Milestone name during a promotion. | CVSS3: 5.4 | 0% Низкий | больше 7 лет назад | |
CVE-2018-14606 An issue was discovered in GitLab Community and Enterprise Edition bef ... | CVSS3: 5.4 | 0% Низкий | больше 7 лет назад | |
CVE-2018-14605 An issue was discovered in GitLab Community and Enterprise Edition before 10.8.7, 11.0.x before 11.0.5, and 11.1.x before 11.1.2. XSS can occur in the branch name during a Web IDE file commit. | CVSS3: 5.4 | 0% Низкий | больше 7 лет назад | |
CVE-2018-14605 An issue was discovered in GitLab Community and Enterprise Edition bef ... | CVSS3: 5.4 | 0% Низкий | больше 7 лет назад | |
CVE-2018-14604 An issue was discovered in GitLab Community and Enterprise Edition before 10.8.7, 11.0.x before 11.0.5, and 11.1.x before 11.1.2. XSS can occur in the tooltip of the job inside the CI/CD pipeline. | CVSS3: 6.1 | 0% Низкий | больше 7 лет назад | |
CVE-2018-14604 An issue was discovered in GitLab Community and Enterprise Edition bef ... | CVSS3: 6.1 | 0% Низкий | больше 7 лет назад | |
CVE-2018-14603 An issue was discovered in GitLab Community and Enterprise Edition before 10.8.7, 11.0.x before 11.0.5, and 11.1.x before 11.1.2. CSRF can occur in the Test feature of the System Hooks component. | CVSS3: 8.8 | 0% Низкий | больше 7 лет назад | |
CVE-2018-14603 An issue was discovered in GitLab Community and Enterprise Edition bef ... | CVSS3: 8.8 | 0% Низкий | больше 7 лет назад | |
CVE-2018-14602 An issue was discovered in GitLab Community and Enterprise Edition before 10.8.7, 11.0.x before 11.0.5, and 11.1.x before 11.1.2. Information Disclosure can occur because the Prometheus metrics feature discloses private project pathnames. | CVSS3: 7.5 | 0% Низкий | больше 7 лет назад |
Уязвимостей на страницу