Gitlab — веб-платформа для управления проектами и репозиториями программного кода, работа которой основана на популярной системе контроля версий Git.
Релизный цикл, информация об уязвимостях
График релизов
Количество 5 336
CVE-2025-11247
GitLab has remediated an issue in GitLab EE affecting all versions fro ...
CVE-2025-4097
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.10 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that could have allowed an authenticated user to cause a denial of service condition by uploading specially crafted images.
CVE-2025-8405
GitLab has remediated a security issue in GitLab CE/EE affecting all versions from 17.1 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that could have allowed an authenticated user to perform unauthorized actions on behalf of other users by injecting malicious HTML into vulnerability code flow displays.
CVE-2025-11984
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.1 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that could have allowed an authenticated user to bypass WebAuthn two-factor authentication by manipulating the session state under certain conditions.
CVE-2025-14157
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 6.3 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that could have allowed an authenticated user to cause a Denial of Service condition by sending crafted API calls with large content parameters.
CVE-2025-14157
GitLab has remediated an issue in GitLab CE/EE affecting all versions ...
CVE-2025-13978
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.5 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that could have allowed an authenticated user to discover the names of private projects they do not have access through API requests.
CVE-2025-13978
GitLab has remediated an issue in GitLab CE/EE affecting all versions ...
CVE-2025-12716
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.4 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that, under certain conditions could have allowed an authenticated user to perform unauthorized actions on behalf of another user by creating wiki pages with malicious content.
CVE-2025-12716
GitLab has remediated an issue in GitLab CE/EE affecting all versions ...
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| CVE-2025-11247 GitLab has remediated an issue in GitLab EE affecting all versions fro ... | CVSS3: 4.3 | 0% Низкий | около 2 месяцев назад |
 | CVE-2025-4097 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.10 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that could have allowed an authenticated user to cause a denial of service condition by uploading specially crafted images. | CVSS3: 6.5 | 0% Низкий | около 2 месяцев назад |
| CVE-2025-8405 GitLab has remediated a security issue in GitLab CE/EE affecting all versions from 17.1 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that could have allowed an authenticated user to perform unauthorized actions on behalf of other users by injecting malicious HTML into vulnerability code flow displays. | CVSS3: 7.7 | 0% Низкий | около 2 месяцев назад |
| CVE-2025-11984 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.1 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that could have allowed an authenticated user to bypass WebAuthn two-factor authentication by manipulating the session state under certain conditions. | CVSS3: 6.8 | 0% Низкий | около 2 месяцев назад |
 | CVE-2025-14157 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 6.3 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that could have allowed an authenticated user to cause a Denial of Service condition by sending crafted API calls with large content parameters. | CVSS3: 6.5 | 0% Низкий | около 2 месяцев назад |
| CVE-2025-14157 GitLab has remediated an issue in GitLab CE/EE affecting all versions ... | CVSS3: 6.5 | 0% Низкий | около 2 месяцев назад |
| CVE-2025-13978 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.5 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that could have allowed an authenticated user to discover the names of private projects they do not have access through API requests. | CVSS3: 4.3 | 0% Низкий | около 2 месяцев назад |
| CVE-2025-13978 GitLab has remediated an issue in GitLab CE/EE affecting all versions ... | CVSS3: 4.3 | 0% Низкий | около 2 месяцев назад |
| CVE-2025-12716 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.4 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that, under certain conditions could have allowed an authenticated user to perform unauthorized actions on behalf of another user by creating wiki pages with malicious content. | CVSS3: 8.7 | 0% Низкий | около 2 месяцев назад |
| CVE-2025-12716 GitLab has remediated an issue in GitLab CE/EE affecting all versions ... | CVSS3: 8.7 | 0% Низкий | около 2 месяцев назад |
Уязвимостей на страницу