Gitlab

Gitlab

1257 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2019-11605

  • EPSS 0.09%
  • Veröffentlicht 09.09.2019 19:15:11
  • Zuletzt bearbeitet 21.11.2024 04:21:26

An issue was discovered in GitLab Community and Enterprise Edition 11.8.x before 11.8.10, 11.9.x before 11.9.11, and 11.10.x before 11.10.3. It allows Information Disclosure. A small number of GitLab API endpoints would disclose project information w...

4.3

CVE-2019-11544

Exploit
  • EPSS 0.11%
  • Veröffentlicht 09.09.2019 19:15:10
  • Zuletzt bearbeitet 21.11.2024 04:21:18

An issue was discovered in GitLab Community and Enterprise Edition 8.x, 9.x, 10.x, and 11.x before 11.8.9, 11.9.x before 11.9.10, and 11.10.x before 11.10.2. It allows Information Disclosure. Non-member users who subscribe to notifications of an inte...

4.3

CVE-2019-11545

Exploit
  • EPSS 0.11%
  • Veröffentlicht 09.09.2019 19:15:10
  • Zuletzt bearbeitet 21.11.2024 04:21:19

An issue was discovered in GitLab Community Edition 11.9.x before 11.9.10 and 11.10.x before 11.10.2. It allows Information Disclosure. When an issue is moved to a private project, the private project namespace is leaked to unauthorized users with ac...

5.3

CVE-2019-11546

Exploit
  • EPSS 0.07%
  • Veröffentlicht 09.09.2019 19:15:10
  • Zuletzt bearbeitet 21.11.2024 04:21:19

An issue was discovered in GitLab Community and Enterprise Edition before 11.8.9, 11.9.x before 11.9.10, and 11.10.x before 11.10.2. It has a Race Condition which could allow users to approve a merge request multiple times and potentially reach the a...

6.1

CVE-2019-11547

Exploit
  • EPSS 0.19%
  • Veröffentlicht 09.09.2019 19:15:10
  • Zuletzt bearbeitet 21.11.2024 04:21:19

An issue was discovered in GitLab Community and Enterprise Edition before 11.8.9, 11.9.x before 11.9.10, and 11.10.x before 11.10.2. It has Improper Encoding or Escaping of Output. The branch name on new merge request notification emails isn't escape...

5.4

CVE-2019-11548

Exploit
  • EPSS 0.08%
  • Veröffentlicht 09.09.2019 19:15:10
  • Zuletzt bearbeitet 21.11.2024 04:21:19

An issue was discovered in GitLab Community and Enterprise Edition before 11.8.9. It has Incorrect Access Control. Unprivileged members of a project are able to post comments on confidential issues through an authorization issue in the note endpoint.

5.3

CVE-2019-5463

Exploit
  • EPSS 0.17%
  • Veröffentlicht 09.09.2019 18:15:10
  • Zuletzt bearbeitet 21.11.2024 04:44:58

An authorization issue was discovered in the GitLab CE/EE CI badge images endpoint which could result in disclosure of the build status. This vulnerability was addressed in 12.1.2, 12.0.4, and 11.11.6.

5.4

CVE-2019-5467

Exploit
  • EPSS 0.07%
  • Veröffentlicht 09.09.2019 18:15:10
  • Zuletzt bearbeitet 21.11.2024 04:44:59

An input validation and output encoding issue was discovered in the GitLab CE/EE wiki pages feature which could result in a persistent XSS. This vulnerability was addressed in 12.1.2, 12.0.4, and 11.11.6.

5.4

CVE-2019-5471

Exploit
  • EPSS 0.07%
  • Veröffentlicht 09.09.2019 18:15:10
  • Zuletzt bearbeitet 21.11.2024 04:44:59

An input validation and output encoding issue was discovered in the GitLab email notification feature which could result in a persistent XSS. This was addressed in GitLab 12.1.2, 12.0.4, and 11.11.6.

7.2

CVE-2019-5473

Exploit
  • EPSS 0.19%
  • Veröffentlicht 09.09.2019 18:15:10
  • Zuletzt bearbeitet 21.11.2024 04:45:00

An authentication issue was discovered in GitLab that allowed a bypass of email verification. This was addressed in GitLab 12.1.2 and 12.0.4.