Gitlab — веб-платформа для управления проектами и репозиториями программного кода, работа которой основана на популярной системе контроля версий Git.
Релизный цикл, информация об уязвимостях
График релизов
Количество 5 332
CVE-2017-0917
Gitlab Community Edition version 10.2.4 is vulnerable to lack of input validation in the CI job component resulting in persistent cross site scripting.
CVE-2017-0917
Gitlab Community Edition version 10.2.4 is vulnerable to lack of input ...
CVE-2017-0916
Gitlab Community Edition version 10.3 is vulnerable to a lack of input validation in the system_hook_push queue through web hook component resulting in remote code execution.
CVE-2017-0916
Gitlab Community Edition version 10.3 is vulnerable to a lack of input ...
CVE-2017-0915
Gitlab Community Edition version 10.2.4 is vulnerable to a lack of input validation in the GitlabProjectsImportService resulting in remote code execution.
CVE-2017-0915
Gitlab Community Edition version 10.2.4 is vulnerable to a lack of inp ...
CVE-2017-0914
Gitlab Community and Enterprise Editions version 10.1, 10.2, and 10.2.4 are vulnerable to a SQL injection in the MilestoneFinder component resulting in disclosure of all data in a GitLab instance's database.
CVE-2017-0914
Gitlab Community and Enterprise Editions version 10.1, 10.2, and 10.2. ...
CVE-2017-0923
Gitlab Community Edition version 9.1 is vulnerable to lack of input validation in the IPython notebooks component resulting in persistent cross site scripting.
CVE-2017-0922
Gitlab Enterprise Edition version 10.3 is vulnerable to an authorization bypass issue in the GitLab Projects::BoardsController component resulting in an information disclosure on any board object.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
 | CVE-2017-0917 Gitlab Community Edition version 10.2.4 is vulnerable to lack of input validation in the CI job component resulting in persistent cross site scripting. | CVSS3: 6.1 | 0% Низкий | почти 8 лет назад |
| CVE-2017-0917 Gitlab Community Edition version 10.2.4 is vulnerable to lack of input ... | CVSS3: 6.1 | 0% Низкий | почти 8 лет назад |
| CVE-2017-0916 Gitlab Community Edition version 10.3 is vulnerable to a lack of input validation in the system_hook_push queue through web hook component resulting in remote code execution. | CVSS3: 9.8 | 0% Низкий | почти 8 лет назад |
| CVE-2017-0916 Gitlab Community Edition version 10.3 is vulnerable to a lack of input ... | CVSS3: 9.8 | 0% Низкий | почти 8 лет назад |
| CVE-2017-0915 Gitlab Community Edition version 10.2.4 is vulnerable to a lack of input validation in the GitlabProjectsImportService resulting in remote code execution. | CVSS3: 9.8 | 1% Низкий | почти 8 лет назад |
| CVE-2017-0915 Gitlab Community Edition version 10.2.4 is vulnerable to a lack of inp ... | CVSS3: 9.8 | 1% Низкий | почти 8 лет назад |
| CVE-2017-0914 Gitlab Community and Enterprise Editions version 10.1, 10.2, and 10.2.4 are vulnerable to a SQL injection in the MilestoneFinder component resulting in disclosure of all data in a GitLab instance's database. | CVSS3: 7.5 | 0% Низкий | почти 8 лет назад |
| CVE-2017-0914 Gitlab Community and Enterprise Editions version 10.1, 10.2, and 10.2. ... | CVSS3: 7.5 | 0% Низкий | почти 8 лет назад |
 | CVE-2017-0923 Gitlab Community Edition version 9.1 is vulnerable to lack of input validation in the IPython notebooks component resulting in persistent cross site scripting. | CVSS3: 6.1 | 0% Низкий | почти 8 лет назад |
| CVE-2017-0922 Gitlab Enterprise Edition version 10.3 is vulnerable to an authorization bypass issue in the GitLab Projects::BoardsController component resulting in an information disclosure on any board object. | CVSS3: 7.5 | 0% Низкий | почти 8 лет назад |
Уязвимостей на страницу