Gitlab

Gitlab

1222 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2019-9866

  • EPSS 0.14%
  • Veröffentlicht 29.05.2019 17:29:00
  • Zuletzt bearbeitet 21.11.2024 04:52:28

An issue was discovered in GitLab Community and Enterprise Edition 11.x before 11.7.7 and 11.8.x before 11.8.3. It allows Information Disclosure.

4.3

CVE-2019-7549

  • EPSS 0.13%
  • Veröffentlicht 29.05.2019 16:29:01
  • Zuletzt bearbeitet 21.11.2024 04:48:18

An issue was discovered in GitLab Community and Enterprise Edition 10.x and 11.x before 11.5.10, 11.6.x before 11.6.8, and 11.7.x before 11.7.3. It has Incorrect Access Control. The GitLab pipelines feature is vulnerable to authorization issues that ...

9.8

CVE-2019-9218

  • EPSS 0.23%
  • Veröffentlicht 29.05.2019 16:29:01
  • Zuletzt bearbeitet 21.11.2024 04:51:13

An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Incorrect Access Control (issue 1 of 5).

9.1

CVE-2019-7353

  • EPSS 0.14%
  • Veröffentlicht 17.05.2019 17:29:00
  • Zuletzt bearbeitet 21.11.2024 04:48:05

An Incorrect Access Control issue was discovered in GitLab Community and Enterprise Edition 11.7.x before 11.7.4. GitLab Releases were vulnerable to an authorization issue that allowed users to view confidential issue and merge request titles of othe...

7.5

CVE-2019-6797

  • EPSS 0.13%
  • Veröffentlicht 17.05.2019 16:29:06
  • Zuletzt bearbeitet 21.11.2024 04:47:10

An information disclosure issue was discovered in GitLab Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. The GitHub token used in CI/CD for External Repos was being leaked to project maintainers in the UI.

7.5

CVE-2019-6781

  • EPSS 0.11%
  • Veröffentlicht 17.05.2019 16:29:05
  • Zuletzt bearbeitet 20.03.2025 16:52:51

An Improper Input Validation issue was discovered in GitLab Community and Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. It was possible to use the profile name to inject a potentially malicious link into notificati...

6.5

CVE-2019-6787

  • EPSS 0.12%
  • Veröffentlicht 17.05.2019 16:29:05
  • Zuletzt bearbeitet 21.11.2024 04:47:09

An Incorrect Access Control issue was discovered in GitLab Community and Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. The GitLab API allowed project Maintainers and Owners to view the trigger tokens of other proje...

4.3

CVE-2019-6790

  • EPSS 0.12%
  • Veröffentlicht 17.05.2019 16:29:05
  • Zuletzt bearbeitet 21.11.2024 04:47:09

An Incorrect Access Control (issue 2 of 3) issue was discovered in GitLab Community and Enterprise Edition 8.14 and later but before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. Guest users were able to view the list of a group's merge req...

9.1

CVE-2019-5883

  • EPSS 0.14%
  • Veröffentlicht 17.05.2019 16:29:03
  • Zuletzt bearbeitet 21.11.2024 04:45:42

An Incorrect Access Control issue was discovered in GitLab Community and Enterprise Edition 6.0 and later but before 11.3.11, 11.4.x before 11.4.8, and 11.5.x before 11.5.1. The issue comments feature could allow a user to comment on an issue which t...

7.5

CVE-2018-19585

  • EPSS 13.62%
  • Veröffentlicht 17.05.2019 16:29:00
  • Zuletzt bearbeitet 21.11.2024 03:58:14

GitLab CE/EE versions 8.18 up to 11.x before 11.3.11, 11.4.x before 11.4.8, and 11.5.x before 11.5.1 have CRLF Injection in Project Mirroring when using the Git protocol.