Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / gitlab

gitlab

1,383 tracked vulnerabilities.

CVE-2019-5470 HIGH

GitLab < 11.11.6, 12.0.4, 12.1.2 - Missing Authorization in Security Dashboard

CVE-2019-5468 HIGH

GitLab < 11.11.6, 12.0.4, 12.1.2 - Privilege Escalation via Mattermost Slash Commands

CVE-2019-5466 MEDIUM

GitLab 11.5.0-11.11.7 - Authorization Bypass via Merge Request Endpoint

CVE-2019-5465 MEDIUM

GitLab 8.14.0-11.11.7 - Exposure of Sensitive Information via Move Issue Feature

CVE-2019-5464 CRITICAL

GitLab 10.2.0-11.11.7 - Server-Side Request Forgery via DNS Rebinding Protection Bypass

CVE-2019-5462 HIGH

GitLab 9.0.0-11.11.7 - Insufficient Session Expiration via Trigger Token Rotation

CVE-2019-15590 HIGH

GitLab < 12.3.5, < 12.2.8, < 12.1.14 - Unauthenticated Private Data Disclosure via Elasticsearch

CVE-2019-15586 MEDIUM

GitLab 12.1.0-12.1.10 - Stored Cross-Site Scripting in Mermaid Plugin

CVE-2019-15585 CRITICAL

GitLab < 12.3.2, < 12.2.6, and < 12.1.12 - Account Takeover via SAML Validation Issue

CVE-2019-15583 HIGH

GitLab < 12.3.2, < 12.2.6, < 12.1.12 - Unauthorized Information Disclosure via Issue Move API

CVE-2019-15582 MEDIUM

GitLab < 12.3.2, < 12.2.6, < 12.1.12 - Authorization Bypass via Protected Environment Group Addition

CVE-2019-15581 MEDIUM

GitLab < 12.3.2, < 12.2.6, < 12.1.12 - Insecure Direct Object Reference via Merge Request Approval Rules

CVE-2019-15579 MEDIUM

GitLab < 12.3.2, < 12.2.6, < 12.1.12 - Unauthorized Exposure of Confidential Issue Assignees via Milestones

CVE-2019-15578 MEDIUM

GitLab < 12.3.2, < 12.2.6, < 12.1.12 - Exposure of Private Project Path in Unsubscribe Email Link

CVE-2019-20144 MEDIUM

GitLab CE/EE <12.6.1 - Info Disclosure

CVE-2019-20143 MEDIUM

GitLab 12.6 - Missing Authentication for Critical Function

CVE-2019-20142 MEDIUM

GitLab 12.3.0-12.6.1 - Denial of Service

CVE-2019-20148 MEDIUM

GitLab CE/EE <12.6.1 - Info Disclosure

CVE-2019-20147 MEDIUM

GitLab CE/EE <12.6.1 - Info Disclosure

CVE-2019-20146 MEDIUM

GitLab 11.0-12.6 - Uncontrolled Resource Consumption

CVE-2019-20145 MEDIUM

GitLab CE/EE <12.6.1 - Info Disclosure

CVE-2019-19629 HIGH

GitLab EE <12.5.3-12.3.8 - Info Disclosure

CVE-2019-19628 CRITICAL

GitLab EE <12.5.3, <12.4.5, <12.3.8 - Privilege Escalation & RCE

CVE-2019-19314 HIGH

GitLab EE <12.5-12.3.6 - Info Disclosure

CVE-2019-19313 HIGH

GitLab EE <12.3-12.5, 12.4.3, 12.3.6 - DoS

Previous Page 45 of 56 Next

Products

gitlab 1,368 GitLab 110 gitlab-shell 5 dynamic_application_security_testing_analyzer 4 runner 3 gitlab-vscode-extension 2 GitLab AI Gateway 1 dast_api_scanner 1 gitaly 1 gitlab_runner 1 language_server 1 omnibus 1

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy