Gitlab — веб-платформа для управления проектами и репозиториями программного кода, работа которой основана на популярной системе контроля версий Git.
Релизный цикл, информация об уязвимостях
График релизов
Количество 5 336
CVE-2024-10240
An issue has been discovered in GitLab EE affecting all versions starting from 17.3 before 17.3.7, all versions starting from 17.4 before 17.4.4, all versions starting from 17.5 before 17.5.2 in which an unauthenticated user may be able to read some information about an MR in a private project, under certain circumstances.
CVE-2024-10240
An issue has been discovered in GitLab EE affecting all versions start ...
CVE-2024-10240
An issue has been discovered in GitLab EE affecting all versions starting from 17.3 before 17.3.7, all versions starting from 17.4 before 17.4.4, all versions starting from 17.5 before 17.5.2 in which an unauthenticated user may be able to read some information about an MR in a private project, under certain circumstances.
CVE-2024-8237
A Denial of Service (DoS) issue has been discovered in GitLab CE/EE affecting all versions prior to 12.6 prior to 17.4.5, 17.5 prior to 17.5.3, and 17.6 prior to 17.6.1. An attacker could cause a denial of service with a crafted cargo.toml file.
CVE-2024-8237
A Denial of Service (DoS) issue has been discovered in GitLab CE/EE af ...
CVE-2024-8177
An issue was discovered in GitLab CE/EE affecting all versions starting from 15.6 prior to 17.4.5, starting from 17.5 prior to 17.5.3, starting from 17.6 prior to 17.6.1 which could cause Denial of Service via integrating a malicious harbor registry.
CVE-2024-8177
An issue was discovered in GitLab CE/EE affecting all versions startin ...
CVE-2024-8114
An issue has been discovered in GitLab CE/EE affecting all versions from 8.12 before 17.4.5, 17.5 before 17.5.3, and 17.6 before 17.6.1. This issue allows an attacker with access to a victim's Personal Access Token (PAT) to escalate privileges.
CVE-2024-8114
An issue has been discovered in GitLab CE/EE affecting all versions fr ...
CVE-2024-11828
A denial of service (DoS) condition was discovered in GitLab CE/EE affecting all versions from 13.2.4 before 17.4.5, 17.5 before 17.5.3, and 17.6 before 17.6.1. By leveraging this vulnerability an attacker could create a DoS condition by sending crafted API calls. This was a regression of an earlier patch.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
 | CVE-2024-10240 An issue has been discovered in GitLab EE affecting all versions starting from 17.3 before 17.3.7, all versions starting from 17.4 before 17.4.4, all versions starting from 17.5 before 17.5.2 in which an unauthenticated user may be able to read some information about an MR in a private project, under certain circumstances. | CVSS3: 5.3 | 0% Низкий | около 1 года назад |
| CVE-2024-10240 An issue has been discovered in GitLab EE affecting all versions start ... | CVSS3: 5.3 | 0% Низкий | около 1 года назад |
 | CVE-2024-10240 An issue has been discovered in GitLab EE affecting all versions starting from 17.3 before 17.3.7, all versions starting from 17.4 before 17.4.4, all versions starting from 17.5 before 17.5.2 in which an unauthenticated user may be able to read some information about an MR in a private project, under certain circumstances. | CVSS3: 5.3 | 0% Низкий | около 1 года назад |
| CVE-2024-8237 A Denial of Service (DoS) issue has been discovered in GitLab CE/EE affecting all versions prior to 12.6 prior to 17.4.5, 17.5 prior to 17.5.3, and 17.6 prior to 17.6.1. An attacker could cause a denial of service with a crafted cargo.toml file. | CVSS3: 6.5 | 0% Низкий | около 1 года назад |
| CVE-2024-8237 A Denial of Service (DoS) issue has been discovered in GitLab CE/EE af ... | CVSS3: 6.5 | 0% Низкий | около 1 года назад |
| CVE-2024-8177 An issue was discovered in GitLab CE/EE affecting all versions starting from 15.6 prior to 17.4.5, starting from 17.5 prior to 17.5.3, starting from 17.6 prior to 17.6.1 which could cause Denial of Service via integrating a malicious harbor registry. | CVSS3: 5.3 | 0% Низкий | около 1 года назад |
| CVE-2024-8177 An issue was discovered in GitLab CE/EE affecting all versions startin ... | CVSS3: 5.3 | 0% Низкий | около 1 года назад |
| CVE-2024-8114 An issue has been discovered in GitLab CE/EE affecting all versions from 8.12 before 17.4.5, 17.5 before 17.5.3, and 17.6 before 17.6.1. This issue allows an attacker with access to a victim's Personal Access Token (PAT) to escalate privileges. | CVSS3: 8.2 | 0% Низкий | около 1 года назад |
| CVE-2024-8114 An issue has been discovered in GitLab CE/EE affecting all versions fr ... | CVSS3: 8.2 | 0% Низкий | около 1 года назад |
| CVE-2024-11828 A denial of service (DoS) condition was discovered in GitLab CE/EE affecting all versions from 13.2.4 before 17.4.5, 17.5 before 17.5.3, and 17.6 before 17.6.1. By leveraging this vulnerability an attacker could create a DoS condition by sending crafted API calls. This was a regression of an earlier patch. | CVSS3: 4.3 | 0% Низкий | около 1 года назад |
Уязвимостей на страницу