GitLab is a web platform for managing projects and source code repositories, built on the popular Git version control system.
Release cycle and vulnerability information
Release schedule
Count: 5 336
| Vulnerability | CVSS | EPSS | Published |
|---|---|---|---|
| CVE-2024-8402 An issue was discovered in GitLab EE affecting all versions starting from 17.2 before 17.7.7, all versions starting from 17.8 before 17.8.5, all versions starting from 17.9 before 17.9.2. An input validation issue in the Google Cloud IAM integration feature could have enabled a Maintainer to introduce malicious code. | CVSS3: 3.7 | 0% Low | 11 months ago |
| CVE-2024-7296 An issue was discovered in GitLab EE affecting all versions from 16.5 prior to 17.7.7, 17.8 prior to 17.8.5, and 17.9 prior to 17.9.2 which allowed a user with a custom permission to approve pending membership requests beyond the maximum number of allowed users. | CVSS3: 2.7 | 0% Low | 11 months ago |
| CVE-2024-13054 An issue was discovered in GitLab CE/EE affecting all versions before 17.7.7, 17.8 prior to 17.8.5, and 17.9 prior to 17.9.2, where a denial of service vulnerability could allow an attacker to cause a system reboot under certain conditions. | CVSS3: 6.5 | 2% Low | 11 months ago |
| CVE-2024-12380 An issue was discovered in GitLab EE/CE affecting all versions starting from 11.5 before 17.7.7, all versions starting from 17.8 before 17.8.5, all versions starting from 17.9 before 17.9.2. Certain user inputs in repository mirroring settings could potentially expose sensitive authentication information. | CVSS3: 4.4 | 0% Low | 11 months ago |
| CVE-2025-0652 An issue has been discovered in GitLab EE/CE affecting all versions starting from 16.9 before 17.7.7, all versions starting from 17.8 before 17.8.5, all versions starting from 17.9 before 17.9.2 that could allow unauthorized users to access confidential information intended for internal use only. | CVSS3: 4.3 | 0% Low | 11 months ago |