gitlab
1,383 tracked vulnerabilities.
CVE-2019-13007
MEDIUM
GitLab 11.11-12.0.2 - Uncontrolled Resource Consumption via Service Template Enablement
Mar 10, 2020
CVSS 4.9
EPSS 0.00
CVE-2019-13006
MEDIUM
GitLab CE/EE <12.0.2 - Info Disclosure
Mar 10, 2020
CVSS 4.3
EPSS 0.00
CVE-2019-13005
MEDIUM
GitLab EE/CE <12.0.2 - Info Disclosure
Mar 10, 2020
CVSS 4.3
EPSS 0.00
CVE-2019-13004
MEDIUM
GitLab CE/EE <12.0.2 - Info Disclosure
Mar 10, 2020
CVSS 5.3
EPSS 0.00
CVE-2019-13003
HIGH
GitLab < 12.0.3 - Uncontrolled Resource Consumption in CI Parser
Mar 10, 2020
CVSS 7.5
EPSS 0.00
CVE-2019-13002
MEDIUM
GitLab CE/EE <12.0.2 - Info Disclosure
Mar 10, 2020
CVSS 4.3
EPSS 0.00
CVE-2019-13001
MEDIUM
GitLab 11.9.0-12.0.2 - Unauthenticated Snippet Comment Authorization Bypass
Mar 10, 2020
CVSS 4.3
EPSS 0.00
CVE-2019-12446
HIGH
GitLab 8.3.0-11.11.0 - Information Exposure via Error Message
Mar 10, 2020
CVSS 7.5
EPSS 0.00
CVE-2019-12445
MEDIUM
GitLab 8.4.0-11.11.0 - Stored Cross-Site Scripting via Project File Import
Mar 10, 2020
CVSS 5.4
EPSS 0.00
CVE-2019-12444
MEDIUM
GitLab 8.9.0-11.11.0 - Stored Cross-Site Scripting in Wiki Pages
Mar 10, 2020
CVSS 6.1
EPSS 0.00
CVE-2019-12443
CRITICAL
GitLab 10.2-11.11 - Server-Side Request Forgery via DNS Rebinding
Mar 10, 2020
CVSS 9.8
EPSS 0.00
CVE-2019-12442
MEDIUM
GitLab 11.7.0-11.11.0 - Stored Cross-Site Scripting in Epic Details Page
Mar 10, 2020
CVSS 6.1
EPSS 0.00
CVE-2019-12441
HIGH
GitLab 8.4.0-11.11.0 - Incorrect Access Control in Protected Branches Feature
Mar 10, 2020
CVSS 7.5
EPSS 0.00
CVE-2019-12434
MEDIUM
GitLab 10.6-11.11 - Information Disclosure via Issue Link URL Contrast
Mar 10, 2020
CVSS 4.3
EPSS 0.00
CVE-2019-12433
MEDIUM
GitLab 11.7.0-11.11.0 - Improper Input Validation in Restricted Visibility Settings
Mar 10, 2020
CVSS 5.3
EPSS 0.00
CVE-2019-12432
MEDIUM
GitLab 8.13-11.11 - Unauthenticated Information Disclosure via Unsubscription Page
Mar 10, 2020
CVSS 4.3
EPSS 0.00
CVE-2019-12431
MEDIUM
GitLab 8.13.0-11.11.0 - Improper Access Control via Search API
Mar 10, 2020
CVSS 4.3
EPSS 0.00
CVE-2019-12430
HIGH
GitLab 11.11 - Authenticated Remote Command Execution via Repository Download Feature
Mar 10, 2020
CVSS 8.8
EPSS 0.04
CVE-2019-12429
MEDIUM
GitLab CE/EE <11.12 - Info Disclosure
Mar 10, 2020
CVSS 6.5
EPSS 0.00
CVE-2019-12428
CRITICAL
GitLab 6.8.0-11.11.0 - Improper Authorization via Crafted Request
Mar 10, 2020
CVSS 9.8
EPSS 0.00
CVE-2019-12825
MEDIUM
GitLab Enterprise 12.0.0-pre - Privilege Escalation
Feb 17, 2020
CVSS 4.3
EPSS 0.00
CVE-2019-15594
MEDIUM
GitLab < 11.8 - Exposure of Sensitive Pipeline Information via Merge Request Endpoint
Feb 14, 2020
CVSS 4.3
EPSS 0.00
CVE-2019-15592
MEDIUM
GitLab 11.2.0-12.0.7 - Unauthenticated Exposure of Sensitive Information via Activity Timeline
Feb 14, 2020
CVSS 4.3
EPSS 0.01
CVE-2019-5474
MEDIUM
GitLab 11.8.0-11.11.5 - Improper Access Control via Merge Request Approval Rules
Jan 28, 2020
CVSS 6.5
EPSS 0.00
CVE-2019-5472
HIGH
GitLab < 11.11.6, 12.0.0-12.0.3, < 12.1.2 - Improper Privilege Management
Jan 28, 2020
CVSS 7.5
EPSS 0.00