exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 5

CVE-2025-5315

около 1 месяца назад

An issue has been discovered in GitLab CE/EE affecting all versions from 17.2 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed authenticated users with Guest role permissions to add child items to incident work items by sending crafted API requests that bypassed UI-enforced role restrictions.

CVSS3: 4.3

EPSS: Низкий

CVE-2025-5315

около 1 месяца назад

An issue has been discovered in GitLab CE/EE affecting all versions from 17.2 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed authenticated users with Guest role permissions to add child items to incident work items by sending crafted API requests that bypassed UI-enforced role restrictions.

CVSS3: 4.3

EPSS: Низкий

CVE-2025-5315

около 1 месяца назад

An issue has been discovered in GitLab CE/EE affecting all versions fr ...

CVSS3: 4.3

EPSS: Низкий

GHSA-qf2w-qprx-c232

около 1 месяца назад

An issue has been discovered in GitLab CE/EE affecting all versions from 17.2 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed authenticated users with Guest role permissions to add child items to incident work items by sending crafted API requests that bypassed UI-enforced role restrictions.

CVSS3: 4.3

EPSS: Низкий

BDU:2025-07920

около 1 месяца назад

Уязвимость программной платформы на базе git для совместной работы над кодом GitLab, связанная с недостатками процедуры авторизации, позволяющая нарушителю обойти ограничения безопасности и получить доступ на чтение и изменение данных

CVSS3: 4.3

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2025-5315 An issue has been discovered in GitLab CE/EE affecting all versions from 17.2 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed authenticated users with Guest role permissions to add child items to incident work items by sending crafted API requests that bypassed UI-enforced role restrictions.	CVSS3: 4.3	0% Низкий	около 1 месяца назад
CVE-2025-5315 An issue has been discovered in GitLab CE/EE affecting all versions from 17.2 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed authenticated users with Guest role permissions to add child items to incident work items by sending crafted API requests that bypassed UI-enforced role restrictions.	CVSS3: 4.3	0% Низкий	около 1 месяца назад
CVE-2025-5315 An issue has been discovered in GitLab CE/EE affecting all versions fr ...	CVSS3: 4.3	0% Низкий	около 1 месяца назад
GHSA-qf2w-qprx-c232 An issue has been discovered in GitLab CE/EE affecting all versions from 17.2 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed authenticated users with Guest role permissions to add child items to incident work items by sending crafted API requests that bypassed UI-enforced role restrictions.	CVSS3: 4.3	0% Низкий	около 1 месяца назад
BDU:2025-07920 Уязвимость программной платформы на базе git для совместной работы над кодом GitLab, связанная с недостатками процедуры авторизации, позволяющая нарушителю обойти ограничения безопасности и получить доступ на чтение и изменение данных	CVSS3: 4.3	0% Низкий	около 1 месяца назад

Уязвимостей на страницу