Gitlab

Gitlab

1222 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2019-9866

  • EPSS 0.14%
  • Published 29.05.2019 17:29:00
  • Last modified 21.11.2024 04:52:28

An issue was discovered in GitLab Community and Enterprise Edition 11.x before 11.7.7 and 11.8.x before 11.8.3. It allows Information Disclosure.

4.3

CVE-2019-7549

  • EPSS 0.13%
  • Published 29.05.2019 16:29:01
  • Last modified 21.11.2024 04:48:18

An issue was discovered in GitLab Community and Enterprise Edition 10.x and 11.x before 11.5.10, 11.6.x before 11.6.8, and 11.7.x before 11.7.3. It has Incorrect Access Control. The GitLab pipelines feature is vulnerable to authorization issues that ...

9.8

CVE-2019-9218

  • EPSS 0.23%
  • Published 29.05.2019 16:29:01
  • Last modified 21.11.2024 04:51:13

An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Incorrect Access Control (issue 1 of 5).

9.1

CVE-2019-7353

  • EPSS 0.14%
  • Published 17.05.2019 17:29:00
  • Last modified 21.11.2024 04:48:05

An Incorrect Access Control issue was discovered in GitLab Community and Enterprise Edition 11.7.x before 11.7.4. GitLab Releases were vulnerable to an authorization issue that allowed users to view confidential issue and merge request titles of othe...

7.5

CVE-2019-6797

  • EPSS 0.13%
  • Published 17.05.2019 16:29:06
  • Last modified 21.11.2024 04:47:10

An information disclosure issue was discovered in GitLab Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. The GitHub token used in CI/CD for External Repos was being leaked to project maintainers in the UI.

7.5

CVE-2019-6781

  • EPSS 0.11%
  • Published 17.05.2019 16:29:05
  • Last modified 20.03.2025 16:52:51

An Improper Input Validation issue was discovered in GitLab Community and Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. It was possible to use the profile name to inject a potentially malicious link into notificati...

6.5

CVE-2019-6787

  • EPSS 0.12%
  • Published 17.05.2019 16:29:05
  • Last modified 21.11.2024 04:47:09

An Incorrect Access Control issue was discovered in GitLab Community and Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. The GitLab API allowed project Maintainers and Owners to view the trigger tokens of other proje...

4.3

CVE-2019-6790

  • EPSS 0.12%
  • Published 17.05.2019 16:29:05
  • Last modified 21.11.2024 04:47:09

An Incorrect Access Control (issue 2 of 3) issue was discovered in GitLab Community and Enterprise Edition 8.14 and later but before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. Guest users were able to view the list of a group's merge req...

9.1

CVE-2019-5883

  • EPSS 0.14%
  • Published 17.05.2019 16:29:03
  • Last modified 21.11.2024 04:45:42

An Incorrect Access Control issue was discovered in GitLab Community and Enterprise Edition 6.0 and later but before 11.3.11, 11.4.x before 11.4.8, and 11.5.x before 11.5.1. The issue comments feature could allow a user to comment on an issue which t...

7.5

CVE-2018-19585

  • EPSS 13.62%
  • Published 17.05.2019 16:29:00
  • Last modified 21.11.2024 03:58:14

GitLab CE/EE versions 8.18 up to 11.x before 11.3.11, 11.4.x before 11.4.8, and 11.5.x before 11.5.1 have CRLF Injection in Project Mirroring when using the Git protocol.