Gitlab — веб-платформа для управления проектами и репозиториями программного кода, работа которой основана на популярной системе контроля версий Git.
Релизный цикл, информация об уязвимостях
График релизов
Количество 5 336
CVE-2024-3976
An issue has been discovered in GitLab CE/EE affecting all versions st ...
CVE-2024-3976
An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.0 prior to 16.9.7, starting from 16.10 prior to 16.10.5, and starting from 16.11 prior to 16.11.2. It was possible to disclose via the UI the confidential issues title and description from a public project to unauthorised instance users.
CVE-2024-9631
An issue was discovered in GitLab CE/EE affecting all versions starting from 13.6 prior to 17.2.9, starting from 17.3 prior to 17.3.5, and starting from 17.4 prior to 17.4.2, where viewing diffs of MR with conflicts can be slow.
CVE-2024-9631
An issue was discovered in GitLab CE/EE affecting all versions startin ...
CVE-2024-5528
An issue was discovered in GitLab CE/EE affecting all versions prior to 16.11.6, starting from 17.0 prior to 17.0.4, and starting from 17.1 prior to 17.1.2, which allows a subdomain takeover in GitLab Pages.
CVE-2024-5528
An issue was discovered in GitLab CE/EE affecting all versions prior t ...
CVE-2024-5528
An issue was discovered in GitLab CE/EE affecting all versions prior to 16.11.6, starting from 17.0 prior to 17.0.4, and starting from 17.1 prior to 17.1.2, which allows a subdomain takeover in GitLab Pages.
CVE-2024-9631
An issue was discovered in GitLab CE/EE affecting all versions starting from 13.6 prior to 17.2.9, starting from 17.3 prior to 17.3.5, and starting from 17.4 prior to 17.4.2, where viewing diffs of MR with conflicts can be slow.
CVE-2024-6356
An issue was discovered in GitLab EE affecting all versions starting from 16.0 prior to 17.0.6, starting from 17.1 prior to 17.1.4, and starting from 17.2 prior to 17.2.2, which allowed cross project access for Security policy bot.
CVE-2024-6356
An issue was discovered in GitLab EE affecting all versions starting f ...
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| CVE-2024-3976 An issue has been discovered in GitLab CE/EE affecting all versions st ... | CVSS3: 6.5 | 0% Низкий | около 1 года назад |
 | CVE-2024-3976 An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.0 prior to 16.9.7, starting from 16.10 prior to 16.10.5, and starting from 16.11 prior to 16.11.2. It was possible to disclose via the UI the confidential issues title and description from a public project to unauthorised instance users. | CVSS3: 6.5 | 0% Низкий | около 1 года назад |
 | CVE-2024-9631 An issue was discovered in GitLab CE/EE affecting all versions starting from 13.6 prior to 17.2.9, starting from 17.3 prior to 17.3.5, and starting from 17.4 prior to 17.4.2, where viewing diffs of MR with conflicts can be slow. | CVSS3: 7.5 | 0% Низкий | около 1 года назад |
| CVE-2024-9631 An issue was discovered in GitLab CE/EE affecting all versions startin ... | CVSS3: 7.5 | 0% Низкий | около 1 года назад |
| CVE-2024-5528 An issue was discovered in GitLab CE/EE affecting all versions prior to 16.11.6, starting from 17.0 prior to 17.0.4, and starting from 17.1 prior to 17.1.2, which allows a subdomain takeover in GitLab Pages. | CVSS3: 3.5 | 0% Низкий | около 1 года назад |
| CVE-2024-5528 An issue was discovered in GitLab CE/EE affecting all versions prior t ... | CVSS3: 3.5 | 0% Низкий | около 1 года назад |
| CVE-2024-5528 An issue was discovered in GitLab CE/EE affecting all versions prior to 16.11.6, starting from 17.0 prior to 17.0.4, and starting from 17.1 prior to 17.1.2, which allows a subdomain takeover in GitLab Pages. | CVSS3: 3.5 | 0% Низкий | около 1 года назад |
| CVE-2024-9631 An issue was discovered in GitLab CE/EE affecting all versions starting from 13.6 prior to 17.2.9, starting from 17.3 prior to 17.3.5, and starting from 17.4 prior to 17.4.2, where viewing diffs of MR with conflicts can be slow. | CVSS3: 7.5 | 0% Низкий | около 1 года назад |
| CVE-2024-6356 An issue was discovered in GitLab EE affecting all versions starting from 16.0 prior to 17.0.6, starting from 17.1 prior to 17.1.4, and starting from 17.2 prior to 17.2.2, which allowed cross project access for Security policy bot. | CVSS3: 4.4 | 0% Низкий | около 1 года назад |
| CVE-2024-6356 An issue was discovered in GitLab EE affecting all versions starting f ... | CVSS3: 4.4 | 0% Низкий | около 1 года назад |
Уязвимостей на страницу