exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 5

CVE-2025-5315

7 месяцев назад

An issue has been discovered in GitLab CE/EE affecting all versions from 17.2 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed authenticated users with Guest role permissions to add child items to incident work items by sending crafted API requests that bypassed UI-enforced role restrictions.

CVSS3: 4.3

EPSS: Низкий

CVE-2025-5315

7 месяцев назад

An issue has been discovered in GitLab CE/EE affecting all versions from 17.2 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed authenticated users with Guest role permissions to add child items to incident work items by sending crafted API requests that bypassed UI-enforced role restrictions.

CVSS3: 4.3

EPSS: Низкий

CVE-2025-5315

7 месяцев назад

An issue has been discovered in GitLab CE/EE affecting all versions fr ...

CVSS3: 4.3

EPSS: Низкий

GHSA-qf2w-qprx-c232

7 месяцев назад

An issue has been discovered in GitLab CE/EE affecting all versions from 17.2 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed authenticated users with Guest role permissions to add child items to incident work items by sending crafted API requests that bypassed UI-enforced role restrictions.

CVSS3: 4.3

EPSS: Низкий

BDU:2025-07920

8 месяцев назад

Уязвимость программной платформы на базе git для совместной работы над кодом GitLab, связанная с недостатками процедуры авторизации, позволяющая нарушителю обойти ограничения безопасности и получить доступ на чтение и изменение данных

CVSS3: 4.3

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2025-5315 An issue has been discovered in GitLab CE/EE affecting all versions from 17.2 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed authenticated users with Guest role permissions to add child items to incident work items by sending crafted API requests that bypassed UI-enforced role restrictions.	CVSS3: 4.3	0% Низкий	7 месяцев назад
CVE-2025-5315 An issue has been discovered in GitLab CE/EE affecting all versions from 17.2 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed authenticated users with Guest role permissions to add child items to incident work items by sending crafted API requests that bypassed UI-enforced role restrictions.	CVSS3: 4.3	0% Низкий	7 месяцев назад
CVE-2025-5315 An issue has been discovered in GitLab CE/EE affecting all versions fr ...	CVSS3: 4.3	0% Низкий	7 месяцев назад
GHSA-qf2w-qprx-c232 An issue has been discovered in GitLab CE/EE affecting all versions from 17.2 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed authenticated users with Guest role permissions to add child items to incident work items by sending crafted API requests that bypassed UI-enforced role restrictions.	CVSS3: 4.3	0% Низкий	7 месяцев назад
BDU:2025-07920 Уязвимость программной платформы на базе git для совместной работы над кодом GitLab, связанная с недостатками процедуры авторизации, позволяющая нарушителю обойти ограничения безопасности и получить доступ на чтение и изменение данных	CVSS3: 4.3	0% Низкий	8 месяцев назад

Уязвимостей на страницу