Gitlab — веб-платформа для управления проектами и репозиториями программного кода, работа которой основана на популярной системе контроля версий Git.
Релизный цикл, информация об уязвимостях
График релизов
Количество 5 332
CVE-2013-4489
The Grit gem for Ruby, as used in GitLab 5.2 before 5.4.1 and 6.x befo ...
CVE-2014-3456
Cross-site scripting (XSS) vulnerability in GitLab Enterprise Edition (EE) 6.6.0 before 6.6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2013-4546
The repository import feature in gitlab-shell before 1.7.4, as used in GitLab, allows remote authenticated users to execute arbitrary commands via the import URL.
CVE-2013-4546
The repository import feature in gitlab-shell before 1.7.4, as used in ...
CVE-2013-4490
The SSH key upload feature (lib/gitlab_keys.rb) in gitlab-shell before 1.7.3, as used in GitLab 5.0 before 5.4.1 and 6.x before 6.2.3, allows remote authenticated users to execute arbitrary commands via shell metacharacters in the public key.
CVE-2013-4490
The SSH key upload feature (lib/gitlab_keys.rb) in gitlab-shell before ...
CVE-2013-4581
GitLab 5.0 before 5.4.2, Community Edition before 6.2.4, Enterprise Edition before 6.2.1 and gitlab-shell before 1.7.8 allows remote attackers to execute arbitrary code via a crafted change using SSH.
CVE-2013-4581
GitLab 5.0 before 5.4.2, Community Edition before 6.2.4, Enterprise Ed ...
CVE-2013-4580
GitLab before 5.4.2, Community Edition before 6.2.4, and Enterprise Edition before 6.2.1, when using a MySQL backend, allows remote attackers to impersonate arbitrary users and bypass authentication via unspecified API calls.
CVE-2013-4580
GitLab before 5.4.2, Community Edition before 6.2.4, and Enterprise Ed ...
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| CVE-2013-4489 The Grit gem for Ruby, as used in GitLab 5.2 before 5.4.1 and 6.x befo ... | CVSS2: 6.5 | 0% Низкий | больше 11 лет назад |
 | CVE-2014-3456 Cross-site scripting (XSS) vulnerability in GitLab Enterprise Edition (EE) 6.6.0 before 6.6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | CVSS2: 4.3 | 0% Низкий | больше 11 лет назад |
| CVE-2013-4546 The repository import feature in gitlab-shell before 1.7.4, as used in GitLab, allows remote authenticated users to execute arbitrary commands via the import URL. | CVSS2: 6.5 | 0% Низкий | больше 11 лет назад |
| CVE-2013-4546 The repository import feature in gitlab-shell before 1.7.4, as used in ... | CVSS2: 6.5 | 0% Низкий | больше 11 лет назад |
| CVE-2013-4490 The SSH key upload feature (lib/gitlab_keys.rb) in gitlab-shell before 1.7.3, as used in GitLab 5.0 before 5.4.1 and 6.x before 6.2.3, allows remote authenticated users to execute arbitrary commands via shell metacharacters in the public key. | CVSS2: 6.5 | 50% Средний | больше 11 лет назад |
| CVE-2013-4490 The SSH key upload feature (lib/gitlab_keys.rb) in gitlab-shell before ... | CVSS2: 6.5 | 50% Средний | больше 11 лет назад |
| CVE-2013-4581 GitLab 5.0 before 5.4.2, Community Edition before 6.2.4, Enterprise Edition before 6.2.1 and gitlab-shell before 1.7.8 allows remote attackers to execute arbitrary code via a crafted change using SSH. | CVSS2: 6.8 | 1% Низкий | больше 11 лет назад |
| CVE-2013-4581 GitLab 5.0 before 5.4.2, Community Edition before 6.2.4, Enterprise Ed ... | CVSS2: 6.8 | 1% Низкий | больше 11 лет назад |
| CVE-2013-4580 GitLab before 5.4.2, Community Edition before 6.2.4, and Enterprise Edition before 6.2.1, when using a MySQL backend, allows remote attackers to impersonate arbitrary users and bypass authentication via unspecified API calls. | CVSS2: 6.8 | 0% Низкий | больше 11 лет назад |
| CVE-2013-4580 GitLab before 5.4.2, Community Edition before 6.2.4, and Enterprise Ed ... | CVSS2: 6.8 | 0% Низкий | больше 11 лет назад |
Уязвимостей на страницу