Gitlab — веб-платформа для управления проектами и репозиториями программного кода, работа которой основана на популярной системе контроля версий Git.
Релизный цикл, информация об уязвимостях
График релизов
Количество 5 336
CVE-2024-13041
An issue was discovered in GitLab CE/EE affecting all versions startin ...
CVE-2024-13041
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.4 prior to 17.5.5, starting from 17.6 prior to 17.6.3, and starting from 17.7 prior to 17.7.1. When a user is created via the SAML provider, the external groups setting overrides the external provider configuration. As a result, the user may not be marked as external thereby giving those users access to internal projects or groups.
GHSA-3c89-47f8-w5c6
An issue was discovered in GitLab CE/EE affecting all versions starting from 15.7 prior to 17.5.5, starting from 17.6 prior to 17.6.3, and starting from 17.7 prior to 17.7.1. It was possible to trigger a DoS by creating cyclic references between epics.
CVE-2024-6324
An issue was discovered in GitLab CE/EE affecting all versions starting from 15.7 prior to 17.5.5, starting from 17.6 prior to 17.6.3, and starting from 17.7 prior to 17.7.1. It was possible to trigger a DoS by creating cyclic references between epics.
CVE-2024-6324
An issue was discovered in GitLab CE/EE affecting all versions startin ...
CVE-2024-6324
An issue was discovered in GitLab CE/EE affecting all versions starting from 15.7 prior to 17.5.5, starting from 17.6 prior to 17.6.3, and starting from 17.7 prior to 17.7.1. It was possible to trigger a DoS by creating cyclic references between epics.
GHSA-fv26-qm6r-mmq5
An issue was discovered in GitLab CE/EE affecting all versions starting from 17.4 prior to 17.5.1, starting from 17.6 prior to 17.6.1, and starting from 17.7 prior to 17.7.1. Under certain conditions, access tokens may have been logged when API requests were made in a specific manner.
GHSA-hjr5-q2v6-7chx
An issue was discovered in GitLab CE/EE affecting all versions starting from 15.5 before 17.5.5, 17.6 before 17.6.3, and 17.7 before 17.7.1, in which unauthorized users could manipulate the status of issues in public projects.
CVE-2024-12431
An issue was discovered in GitLab CE/EE affecting all versions starting from 15.5 before 17.5.5, 17.6 before 17.6.3, and 17.7 before 17.7.1, in which unauthorized users could manipulate the status of issues in public projects.
CVE-2024-12431
An issue was discovered in GitLab CE/EE affecting all versions startin ...
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| CVE-2024-13041 An issue was discovered in GitLab CE/EE affecting all versions startin ... | CVSS3: 4.2 | 0% Низкий | около 1 года назад |
 | CVE-2024-13041 An issue was discovered in GitLab CE/EE affecting all versions starting from 16.4 prior to 17.5.5, starting from 17.6 prior to 17.6.3, and starting from 17.7 prior to 17.7.1. When a user is created via the SAML provider, the external groups setting overrides the external provider configuration. As a result, the user may not be marked as external thereby giving those users access to internal projects or groups. | CVSS3: 4.2 | 0% Низкий | около 1 года назад |
| GHSA-3c89-47f8-w5c6 An issue was discovered in GitLab CE/EE affecting all versions starting from 15.7 prior to 17.5.5, starting from 17.6 prior to 17.6.3, and starting from 17.7 prior to 17.7.1. It was possible to trigger a DoS by creating cyclic references between epics. | CVSS3: 4.3 | 0% Низкий | около 1 года назад |
 | CVE-2024-6324 An issue was discovered in GitLab CE/EE affecting all versions starting from 15.7 prior to 17.5.5, starting from 17.6 prior to 17.6.3, and starting from 17.7 prior to 17.7.1. It was possible to trigger a DoS by creating cyclic references between epics. | CVSS3: 4.3 | 0% Низкий | около 1 года назад |
| CVE-2024-6324 An issue was discovered in GitLab CE/EE affecting all versions startin ... | CVSS3: 4.3 | 0% Низкий | около 1 года назад |
| CVE-2024-6324 An issue was discovered in GitLab CE/EE affecting all versions starting from 15.7 prior to 17.5.5, starting from 17.6 prior to 17.6.3, and starting from 17.7 prior to 17.7.1. It was possible to trigger a DoS by creating cyclic references between epics. | CVSS3: 4.3 | 0% Низкий | около 1 года назад |
| GHSA-fv26-qm6r-mmq5 An issue was discovered in GitLab CE/EE affecting all versions starting from 17.4 prior to 17.5.1, starting from 17.6 prior to 17.6.1, and starting from 17.7 prior to 17.7.1. Under certain conditions, access tokens may have been logged when API requests were made in a specific manner. | CVSS3: 6.5 | 0% Низкий | около 1 года назад |
| GHSA-hjr5-q2v6-7chx An issue was discovered in GitLab CE/EE affecting all versions starting from 15.5 before 17.5.5, 17.6 before 17.6.3, and 17.7 before 17.7.1, in which unauthorized users could manipulate the status of issues in public projects. | CVSS3: 4.3 | 0% Низкий | около 1 года назад |
| CVE-2024-12431 An issue was discovered in GitLab CE/EE affecting all versions starting from 15.5 before 17.5.5, 17.6 before 17.6.3, and 17.7 before 17.7.1, in which unauthorized users could manipulate the status of issues in public projects. | CVSS3: 4.3 | 0% Низкий | около 1 года назад |
| CVE-2024-12431 An issue was discovered in GitLab CE/EE affecting all versions startin ... | CVSS3: 4.3 | 0% Низкий | около 1 года назад |
Уязвимостей на страницу