gitlab

1,383 tracked vulnerabilities.

CVE-2019-19312 MEDIUM
GitLab EE <12.5-12.3.6 - Info Disclosure
Jan 05, 2020
CVSS 5.8
EPSS 0.00
CVE-2019-19310 MEDIUM
GitLab 9.0.0-12.5.0 - Insufficiently Protected Credentials
Jan 03, 2020
CVSS 4.9
EPSS 0.00
CVE-2019-19309 MEDIUM
GitLab 8.90-12.5 - Incorrect Access Control
Jan 03, 2020
CVSS 4.3
EPSS 0.00
CVE-2019-19263 MEDIUM
GitLab 8.2.0-12.5.0 - Insecure Permissions
Jan 03, 2020
CVSS 4.3
EPSS 0.00
CVE-2019-19262 MEDIUM
GitLab EE 11.9.0-12.5.1 - Insecure Permission Assignment
Jan 03, 2020
CVSS 4.3
EPSS 0.00
CVE-2019-19261 HIGH
GitLab 6.7.0-12.5.0 - Server-Side Request Forgery
Jan 03, 2020
CVSS 8.8
EPSS 0.00
CVE-2019-19260 MEDIUM
GitLab CE/EE <12.5 - Info Disclosure
Jan 03, 2020
CVSS 5.4
EPSS 0.00
CVE-2019-19259 MEDIUM
GitLab 11.3.0-12.5.0 - Insecure Direct Object Reference
Jan 03, 2020
CVSS 4.3
EPSS 0.00
CVE-2019-19258 MEDIUM
GitLab 10.8.0-12.5.0 - Incorrect Access Control
Jan 03, 2020
CVSS 5.3
EPSS 0.00
CVE-2019-19257 MEDIUM
GitLab CE/EE <12.5 - Info Disclosure
Jan 03, 2020
CVSS 5.3
EPSS 0.00
CVE-2019-19256 MEDIUM
GitLab 12.2.0-12.5.0 - Exposure of Sensitive Information via Incorrect Access Control
Jan 03, 2020
CVSS 5.3
EPSS 0.00
CVE-2019-19255 MEDIUM
GitLab 12.3.0-12.5.0 - Incorrect Access Control
Jan 03, 2020
CVSS 4.3
EPSS 0.00
CVE-2019-19311 MEDIUM
GitLab 8.14.0-12.3.6 12.4.3 12.5 - Stored Cross-Site Scripting in Group and Profile Fields
Jan 03, 2020
CVSS 5.4
EPSS 0.00
CVE-2019-19254 MEDIUM
GitLab CE/EE <12.5 - Info Disclosure
Jan 03, 2020
CVSS 5.3
EPSS 0.00
CVE-2019-19088 CRITICAL
GitLab 11.3.0-12.4.2 - Path Traversal
Jan 03, 2020
CVSS 9.8
EPSS 0.00
CVE-2019-19087 MEDIUM
Gitlab EE <12.5.1 - Info Disclosure
Jan 03, 2020
CVSS 4.3
EPSS 0.00
CVE-2019-19086 MEDIUM
Gitlab EE <12.5.1 - Info Disclosure
Jan 03, 2020
CVSS 4.3
EPSS 0.00
CVE-2019-15584 MEDIUM
GitLab < 12.3.2, < 12.2.6, and < 12.1.10 - Denial of Service via Markdown Field Input Validation Bypass
Dec 20, 2019
CVSS 6.5
EPSS 0.00
CVE-2019-5487 MEDIUM
GitLab < 12.1.13 - Improper Access Control via Elasticsearch Group Search
Dec 18, 2019
CVSS 5.3
EPSS 0.00
CVE-2019-5486 HIGH
GitLab <12.3.2, <12.2.6, and <12.1.10 - Authentication Bypass via Salesforce Login Integration
Dec 18, 2019
CVSS 8.8
EPSS 0.00
CVE-2019-5469 MEDIUM
GitLab < 11.11.6, < 12.0.4, < 12.1.2 - Authorization Bypass via Project Archive File Upload
Dec 18, 2019
CVSS 6.5
EPSS 0.00
CVE-2019-15591 MEDIUM
GitLab < 12.3.3 - Unauthenticated Improper Access Control via Merge Request Widget
Dec 18, 2019
CVSS 6.5
EPSS 0.00
CVE-2019-15589 HIGH
GitLab <12.3.2, <12.2.6, <12.1.12 - Improper Access Control via CI/CD Token
Dec 18, 2019
CVSS 8.8
EPSS 0.00
CVE-2019-15580 MEDIUM
GitLab < 12.1.10, < 12.2.6, < 12.3.2 - Unauthenticated Information Exposure via Blocking Merge Request Feature
Dec 18, 2019
CVSS 6.5
EPSS 0.00
CVE-2019-15577 MEDIUM
GitLab <12.3.2, <12.2.6, <12.1.12 - Unauthorized Information Disclosure via Groups Browsing
Dec 18, 2019
CVSS 4.3
EPSS 0.00
Products
gitlab 1,368 GitLab 110 gitlab-shell 5 dynamic_application_security_testing_analyzer 4 runner 3 gitlab-vscode-extension 2 GitLab AI Gateway 1 dast_api_scanner 1 gitaly 1 gitlab_runner 1 language_server 1 omnibus 1
Quick Filters
Critical CVEs With Exploits In CISA KEV