Gitlab — веб-платформа для управления проектами и репозиториями программного кода, работа которой основана на популярной системе контроля версий Git.
Релизный цикл, информация об уязвимостях
График релизов
Количество 5 336
GHSA-x774-v4vm-3h8m
An issue discovered in GitLab CE/EE affecting all versions from 16.11 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 meant that long-lived connections in ActionCable potentially allowed revoked Personal Access Tokens access to streaming results.
GHSA-j45p-g8pv-jg87
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.4 prior to 17.5.0 which allows an attacker to trigger a pipeline as another user under certain circumstances.
CVE-2025-1198
An issue discovered in GitLab CE/EE affecting all versions from 16.11 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 meant that long-lived connections in ActionCable potentially allowed revoked Personal Access Tokens access to streaming results.
CVE-2025-1198
An issue discovered in GitLab CE/EE affecting all versions from 16.11 ...
CVE-2025-1198
An issue discovered in GitLab CE/EE affecting all versions from 16.11 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 meant that long-lived connections in ActionCable potentially allowed revoked Personal Access Tokens access to streaming results.
CVE-2024-8266
An issue was discovered in GitLab CE/EE affecting all versions starting from 17.1 prior to 17.6.0, which allows an attacker with maintainer role to trigger a pipeline as project owner under certain circumstances.
CVE-2024-8266
An issue was discovered in GitLab CE/EE affecting all versions startin ...
CVE-2024-7102
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.4 prior to 17.5.0 which allows an attacker to trigger a pipeline as another user under certain circumstances.
CVE-2024-7102
An issue was discovered in GitLab CE/EE affecting all versions startin ...
CVE-2024-7102
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.4 prior to 17.5.0 which allows an attacker to trigger a pipeline as another user under certain circumstances.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| GHSA-x774-v4vm-3h8m An issue discovered in GitLab CE/EE affecting all versions from 16.11 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 meant that long-lived connections in ActionCable potentially allowed revoked Personal Access Tokens access to streaming results. | CVSS3: 4.2 | 0% Низкий | 12 месяцев назад |
| GHSA-j45p-g8pv-jg87 An issue was discovered in GitLab CE/EE affecting all versions starting from 16.4 prior to 17.5.0 which allows an attacker to trigger a pipeline as another user under certain circumstances. | CVSS3: 9.6 | 0% Низкий | 12 месяцев назад |
 | CVE-2025-1198 An issue discovered in GitLab CE/EE affecting all versions from 16.11 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 meant that long-lived connections in ActionCable potentially allowed revoked Personal Access Tokens access to streaming results. | CVSS3: 4.2 | 0% Низкий | 12 месяцев назад |
| CVE-2025-1198 An issue discovered in GitLab CE/EE affecting all versions from 16.11 ... | CVSS3: 4.2 | 0% Низкий | 12 месяцев назад |
 | CVE-2025-1198 An issue discovered in GitLab CE/EE affecting all versions from 16.11 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 meant that long-lived connections in ActionCable potentially allowed revoked Personal Access Tokens access to streaming results. | CVSS3: 4.2 | 0% Низкий | 12 месяцев назад |
| CVE-2024-8266 An issue was discovered in GitLab CE/EE affecting all versions starting from 17.1 prior to 17.6.0, which allows an attacker with maintainer role to trigger a pipeline as project owner under certain circumstances. | CVSS3: 4.4 | 0% Низкий | 12 месяцев назад |
| CVE-2024-8266 An issue was discovered in GitLab CE/EE affecting all versions startin ... | CVSS3: 4.4 | 0% Низкий | 12 месяцев назад |
| CVE-2024-7102 An issue was discovered in GitLab CE/EE affecting all versions starting from 16.4 prior to 17.5.0 which allows an attacker to trigger a pipeline as another user under certain circumstances. | CVSS3: 9.6 | 0% Низкий | 12 месяцев назад |
| CVE-2024-7102 An issue was discovered in GitLab CE/EE affecting all versions startin ... | CVSS3: 9.6 | 0% Низкий | 12 месяцев назад |
| CVE-2024-7102 An issue was discovered in GitLab CE/EE affecting all versions starting from 16.4 prior to 17.5.0 which allows an attacker to trigger a pipeline as another user under certain circumstances. | CVSS3: 9.6 | 0% Низкий | 12 месяцев назад |
Уязвимостей на страницу