Gitlab

Gitlab

1222 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2018-19574

  • EPSS 0.11%
  • Published 10.07.2019 16:15:10
  • Last modified 21.11.2024 03:58:12

GitLab CE/EE, versions 7.6 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an XSS vulnerability in the OAuth authorization page.

4.3

CVE-2018-19575

  • EPSS 0.13%
  • Published 10.07.2019 16:15:10
  • Last modified 21.11.2024 03:58:12

GitLab CE/EE, versions 10.1 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an insecure direct object reference issue that allows a user to make comments on a locked issue.

6.5

CVE-2018-19496

  • EPSS 0.08%
  • Published 10.07.2019 15:15:12
  • Last modified 21.11.2024 03:58:01

An issue was discovered in GitLab Community and Enterprise Edition 10.x and 11.x before 11.3.11, 11.4.x before 11.4.8, and 11.5.x before 11.5.1. There is an incorrect access control vulnerability that permits a user with insufficient privileges to pr...

5.3

CVE-2018-19577

  • EPSS 0.25%
  • Published 10.07.2019 15:15:12
  • Last modified 21.11.2024 03:58:13

Gitlab CE/EE, versions 8.6 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an incorrect access control vulnerability that displays to an unauthorized user the title and namespace of a confidential issue.

6.1

CVE-2018-19493

  • EPSS 0.11%
  • Published 10.07.2019 15:15:11
  • Last modified 21.11.2024 03:58:01

An issue was discovered in GitLab Community and Enterprise Edition 11.x before 11.3.11, 11.4.x before 11.4.8, and 11.5.x before 11.5.1. There is a persistent XSS vulnerability in the environment pages due to a lack of input validation and output enco...

4.3

CVE-2018-19494

  • EPSS 0.09%
  • Published 10.07.2019 15:15:11
  • Last modified 21.11.2024 03:58:01

An issue was discovered in GitLab Community and Enterprise Edition 11.x before 11.3.11, 11.4.x before 11.4.8, and 11.5.x before 11.5.1. There is an incorrect access vulnerability that allows an unauthorized user to view private group names.

6.5

CVE-2018-19495

  • EPSS 0.09%
  • Published 10.07.2019 15:15:11
  • Last modified 21.11.2024 03:58:01

An issue was discovered in GitLab Community and Enterprise Edition before 11.3.11, 11.4.x before 11.4.8, and 11.5.x before 11.5.1. There is an SSRF vulnerability in the Prometheus integration.

5.5

CVE-2019-9221

  • EPSS 0.02%
  • Published 29.05.2019 17:29:00
  • Last modified 21.11.2024 04:51:14

An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Incorrect Access Control (issue 3 of 5).

9.8

CVE-2019-9485

  • EPSS 0.18%
  • Published 29.05.2019 17:29:00
  • Last modified 21.11.2024 04:51:42

An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Insecure Permissions.

9.8

CVE-2019-9732

  • EPSS 0.24%
  • Published 29.05.2019 17:29:00
  • Last modified 21.11.2024 04:52:11

An issue was discovered in GitLab Community and Enterprise Edition 10.x (starting from 10.8) and 11.x before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Incorrect Access Control.