Gitlab — веб-платформа для управления проектами и репозиториями программного кода, работа которой основана на популярной системе контроля версий Git.
Релизный цикл, информация об уязвимостях
График релизов
Количество 5 336
GHSA-pwvw-rggj-f74r
An issue was discovered in GitLab CE/EE affecting all versions before 17.6.0 in which users were unaware that files uploaded to comments on confidential issues and epics of public projects could be accessed without authentication via a direct link to the uploaded file URL.
CVE-2023-5117
An issue was discovered in GitLab CE/EE affecting all versions before 17.6.0 in which users were unaware that files uploaded to comments on confidential issues and epics of public projects could be accessed without authentication via a direct link to the uploaded file URL.
CVE-2023-5117
An issue was discovered in GitLab CE/EE affecting all versions before ...
CVE-2023-5117
An issue was discovered in GitLab CE/EE affecting all versions before 17.6.0 in which users were unaware that files uploaded to comments on confidential issues and epics of public projects could be accessed without authentication via a direct link to the uploaded file URL.
GHSA-77qj-2xp7-f745
An issue has been discovered in GitLab CE/EE affecting all versions from 16.9 before 17.4.6, 17.5 before 17.5.4, and 17.6 before 17.6.2. By using a specific GraphQL query, under specific conditions an unauthorized user can retrieve branch names.
GHSA-9xww-4cjx-6w55
An issue was discovered in GitLab CE/EE affecting all versions from 15.0 prior to 17.4.6, 17.5 prior to 17.5.4, and 17.6 prior to 17.6.2 that allowed non-member users to view unresolved threads marked as internal notes in public projects merge requests.
CVE-2024-8650
An issue was discovered in GitLab CE/EE affecting all versions from 15.0 prior to 17.4.6, 17.5 prior to 17.5.4, and 17.6 prior to 17.6.2 that allowed non-member users to view unresolved threads marked as internal notes in public projects merge requests.
CVE-2024-8650
An issue was discovered in GitLab CE/EE affecting all versions from 15 ...
CVE-2024-8116
An issue has been discovered in GitLab CE/EE affecting all versions from 16.9 before 17.4.6, 17.5 before 17.5.4, and 17.6 before 17.6.2. By using a specific GraphQL query, under specific conditions an unauthorized user can retrieve branch names.
CVE-2024-8116
An issue has been discovered in GitLab CE/EE affecting all versions fr ...
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| GHSA-pwvw-rggj-f74r An issue was discovered in GitLab CE/EE affecting all versions before 17.6.0 in which users were unaware that files uploaded to comments on confidential issues and epics of public projects could be accessed without authentication via a direct link to the uploaded file URL. | CVSS3: 3.7 | 0% Низкий | около 1 года назад |
 | CVE-2023-5117 An issue was discovered in GitLab CE/EE affecting all versions before 17.6.0 in which users were unaware that files uploaded to comments on confidential issues and epics of public projects could be accessed without authentication via a direct link to the uploaded file URL. | CVSS3: 3.7 | 0% Низкий | около 1 года назад |
| CVE-2023-5117 An issue was discovered in GitLab CE/EE affecting all versions before ... | CVSS3: 3.7 | 0% Низкий | около 1 года назад |
 | CVE-2023-5117 An issue was discovered in GitLab CE/EE affecting all versions before 17.6.0 in which users were unaware that files uploaded to comments on confidential issues and epics of public projects could be accessed without authentication via a direct link to the uploaded file URL. | CVSS3: 3.7 | 0% Низкий | около 1 года назад |
| GHSA-77qj-2xp7-f745 An issue has been discovered in GitLab CE/EE affecting all versions from 16.9 before 17.4.6, 17.5 before 17.5.4, and 17.6 before 17.6.2. By using a specific GraphQL query, under specific conditions an unauthorized user can retrieve branch names. | CVSS3: 5.3 | 0% Низкий | около 1 года назад |
| GHSA-9xww-4cjx-6w55 An issue was discovered in GitLab CE/EE affecting all versions from 15.0 prior to 17.4.6, 17.5 prior to 17.5.4, and 17.6 prior to 17.6.2 that allowed non-member users to view unresolved threads marked as internal notes in public projects merge requests. | CVSS3: 5.3 | 0% Низкий | около 1 года назад |
| CVE-2024-8650 An issue was discovered in GitLab CE/EE affecting all versions from 15.0 prior to 17.4.6, 17.5 prior to 17.5.4, and 17.6 prior to 17.6.2 that allowed non-member users to view unresolved threads marked as internal notes in public projects merge requests. | CVSS3: 5.3 | 0% Низкий | около 1 года назад |
| CVE-2024-8650 An issue was discovered in GitLab CE/EE affecting all versions from 15 ... | CVSS3: 5.3 | 0% Низкий | около 1 года назад |
| CVE-2024-8116 An issue has been discovered in GitLab CE/EE affecting all versions from 16.9 before 17.4.6, 17.5 before 17.5.4, and 17.6 before 17.6.2. By using a specific GraphQL query, under specific conditions an unauthorized user can retrieve branch names. | CVSS3: 5.3 | 0% Низкий | около 1 года назад |
| CVE-2024-8116 An issue has been discovered in GitLab CE/EE affecting all versions fr ... | CVSS3: 5.3 | 0% Низкий | около 1 года назад |
Уязвимостей на страницу