Information on source package gitlab

Available versions

| Release | Version |
| --- | --- |
| stretch (security) | 8.13.11+dfsg1-8+deb9u3 |
| sid/contrib | 10.6.5+dfsg-2 |

Open issues

| Bug | stretch | sid | Description |
| --- | --- | --- | --- |
| TEMP-0902726-51ACFE | vulnerable | vulnerable | gitlab: Content injection via username |
| TEMP-0902726-3BBE24 | fixed | vulnerable | gitlab: Activity feed publicly displaying internal project names |
| TEMP-0900522-A18AAE | fixed | vulnerable | gitlab: include directive in .gitlab-ci.yml allows SSRF requests |
| TEMP-0900522-7DE480 | fixed | vulnerable | gitlab: Arbitrary assignment of project fields using Import project |
| TEMP-0900522-4405E2 | fixed | vulnerable | gitlab: Removing public deploy keys regression |
| TEMP-0900522-3AD97C | fixed | vulnerable | gitlab: Permissions issue in Merge Requests Create Service |
| TEMP-0900522-298D01 | fixed | vulnerable | gitlab: Persistent XSS - Multiple locations of user selection drop downs |
| TEMP-0900522-27F98D | fixed | vulnerable | gitlab: Persistent XSS - Selecting users as allowed merge request approvers |
| TEMP-0894867-E5064B | vulnerable | fixed | Confidential issue comments in Slack, Mattermost, and webhook integrations |
| CVE-2018-9243 | vulnerable | fixed | GitLab Community and Enterprise Editions version 8.4 up to 10.4 are ... |
| CVE-2018-8801 | vulnerable | fixed | GitLab Community and Enterprise Editions version 8.3 up to 10.x before ... |
| CVE-2018-14364 | vulnerable | vulnerable | GitLab Community and Enterprise Edition before 10.7.7, 10.8.x before ... |
| CVE-2018-12607 | fixed | vulnerable | gitlab: Persistent XSS in charts |
| CVE-2018-12606 | vulnerable | vulnerable | gitlab: wiki XSS |
| CVE-2018-12605 | fixed | vulnerable | gitlab: XSS in url_for(params) |
| CVE-2017-0921 | vulnerable | vulnerable | GitLab Community and Enterprise Editions before 10.1.6, 10.2.6, and ... |
| CVE-2017-0919 | vulnerable | fixed | GitLab Community and Enterprise Editions before 10.1.6, 10.2.6, and ... |

Open unimportant issues

| Bug | stretch | sid | Description |
| --- | --- | --- | --- |
| CVE-2017-12426 | vulnerable | vulnerable | GitLab Community Edition (CE) and Enterprise Edition (EE) before ... |

Resolved issues

| Bug | Description |
| --- | --- |
| CVE-2018-9244 | GitLab Community and Enterprise Editions version 9.2 up to 10.4 are ... |
| CVE-2018-8971 | The Auth0 integration in GitLab before 10.3.9, 10.4.x before 10.4.6, ... |
| CVE-2018-3710 | Gitlab Community and Enterprise Editions version 10.3.3 is vulnerable ... |
| CVE-2018-10379 | An issue was discovered in GitLab Community Edition (CE) and Enterprise ... |
| CVE-2017-8778 | GitLab before 8.14.9, 8.15.x before 8.15.6, and 8.16.x before 8.16.5 ... |
| CVE-2017-17716 | GitLab 9.4.x before 9.4.2 does not support LDAP SSL certificate ... |
| CVE-2017-11438 | GitLab Community Edition (CE) and Enterprise Edition (EE) before ... |
| CVE-2017-11437 | GitLab Enterprise Edition (EE) before 8.17.7, 9.0.11, 9.1.8, 9.2.8, ... |
| CVE-2017-0927 | Gitlab Community Edition version 10.3 is vulnerable to an improper ... |
| CVE-2017-0926 | Gitlab Community Edition version 10.3 is vulnerable to an improper ... |
| CVE-2017-0925 | Gitlab Enterprise Edition version 10.1.0 is vulnerable to an ... |
| CVE-2017-0924 | Gitlab Community Edition version 10.2.4 is vulnerable to lack of input ... |
| CVE-2017-0923 | Gitlab Community Edition version 9.1 is vulnerable to lack of input ... |
| CVE-2017-0922 | Gitlab Enterprise Edition version 10.3 is vulnerable to an ... |
| CVE-2017-0920 | GitLab Community and Enterprise Editions before 10.1.6, 10.2.6, and ... |
| CVE-2017-0918 | Gitlab Community Edition version 10.3 is vulnerable to a path ... |
| CVE-2017-0917 | Gitlab Community Edition version 10.2.4 is vulnerable to lack of input ... |
| CVE-2017-0916 | Gitlab Community Edition version 10.3 is vulnerable to a lack of input ... |
| CVE-2017-0915 | Gitlab Community Edition version 10.2.4 is vulnerable to a lack of ... |
| CVE-2017-0914 | Gitlab Community and Enterprise Editions version 10.1, 10.2, and ... |
| CVE-2017-0882 | Multiple versions of GitLab expose sensitive user credentials when ... |
| CVE-2016-9469 | Multiple versions of GitLab expose a dangerous method to any ... |
| CVE-2016-9086 | GitLab versions 8.9.x and above contain a critical security flaw in the ... |
| CVE-2016-4340 | The impersonate feature in Gitlab 8.7.0, 8.6.0 through 8.6.7, 8.5.0 ... |
| CVE-2014-8540 | The groups API in GitLab 6.x and 7.x before 7.4.3 allows remote ... |
| CVE-2013-7316 | Cross-site scripting (XSS) vulnerability in GitLab 6.0 and other ... |
| CVE-2013-4583 | |
| CVE-2013-4582 | Local file inclusion vulnerability |
| CVE-2013-4581 | GitLab 5.0 before 5.4.2, Community Edition before 6.2.4, Enterprise ... |
| CVE-2013-4580 | GitLab before 5.4.2, Community Edition before 6.2.4, and Enterprise ... |
| CVE-2013-4546 | The repository import feature in gitlab-shell before 1.7.4, as used in ... |
| CVE-2013-4490 | The SSH key upload feature (lib/gitlab_keys.rb) in gitlab-shell before ... |
| CVE-2013-4489 | The Grit gem for Ruby, as used in GitLab 5.2 before 5.4.1 and 6.x ... |

Security announcements

| DSA / DLA | Description |
| --- | --- |
| DSA-4206-2 | gitlab - regression update |
| DSA-4206-1 | gitlab - security update |
| DSA-4145-1 | gitlab - security update |
DSA-4145-1gitlab - security update
