Gitlab — веб-платформа для управления проектами и репозиториями программного кода, работа которой основана на популярной системе контроля версий Git.
Релизный цикл, информация об уязвимостях
График релизов
Количество 5 332
CVE-2025-14157
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 6.3 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that could have allowed an authenticated user to cause a Denial of Service condition by sending crafted API calls with large content parameters.
CVE-2025-14157
GitLab has remediated an issue in GitLab CE/EE affecting all versions ...
CVE-2025-13978
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.5 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that could have allowed an authenticated user to discover the names of private projects they do not have access through API requests.
CVE-2025-13978
GitLab has remediated an issue in GitLab CE/EE affecting all versions ...
CVE-2025-12716
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.4 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that, under certain conditions could have allowed an authenticated user to perform unauthorized actions on behalf of another user by creating wiki pages with malicious content.
CVE-2025-12716
GitLab has remediated an issue in GitLab CE/EE affecting all versions ...
CVE-2025-12562
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.10 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that could have allowed an unauthenticated user to create a denial of service condition by sending crafted GraphQL queries that bypass query complexity limits.
CVE-2025-12562
GitLab has remediated an issue in GitLab CE/EE affecting all versions ...
CVE-2025-14157
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 6.3 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that could have allowed an authenticated user to cause a Denial of Service condition by sending crafted API calls with large content parameters.
CVE-2025-13978
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.5 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that could have allowed an authenticated user to discover the names of private projects they do not have access through API requests.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
 | CVE-2025-14157 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 6.3 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that could have allowed an authenticated user to cause a Denial of Service condition by sending crafted API calls with large content parameters. | CVSS3: 6.5 | 0% Низкий | около 2 месяцев назад |
| CVE-2025-14157 GitLab has remediated an issue in GitLab CE/EE affecting all versions ... | CVSS3: 6.5 | 0% Низкий | около 2 месяцев назад |
| CVE-2025-13978 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.5 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that could have allowed an authenticated user to discover the names of private projects they do not have access through API requests. | CVSS3: 4.3 | 0% Низкий | около 2 месяцев назад |
| CVE-2025-13978 GitLab has remediated an issue in GitLab CE/EE affecting all versions ... | CVSS3: 4.3 | 0% Низкий | около 2 месяцев назад |
| CVE-2025-12716 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.4 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that, under certain conditions could have allowed an authenticated user to perform unauthorized actions on behalf of another user by creating wiki pages with malicious content. | CVSS3: 8.7 | 0% Низкий | около 2 месяцев назад |
| CVE-2025-12716 GitLab has remediated an issue in GitLab CE/EE affecting all versions ... | CVSS3: 8.7 | 0% Низкий | около 2 месяцев назад |
| CVE-2025-12562 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.10 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that could have allowed an unauthenticated user to create a denial of service condition by sending crafted GraphQL queries that bypass query complexity limits. | CVSS3: 7.5 | 0% Низкий | около 2 месяцев назад |
| CVE-2025-12562 GitLab has remediated an issue in GitLab CE/EE affecting all versions ... | CVSS3: 7.5 | 0% Низкий | около 2 месяцев назад |
 | CVE-2025-14157 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 6.3 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that could have allowed an authenticated user to cause a Denial of Service condition by sending crafted API calls with large content parameters. | CVSS3: 6.5 | 0% Низкий | около 2 месяцев назад |
| CVE-2025-13978 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.5 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that could have allowed an authenticated user to discover the names of private projects they do not have access through API requests. | CVSS3: 4.3 | 0% Низкий | около 2 месяцев назад |
Уязвимостей на страницу