gitlab

1,383 tracked vulnerabilities.

CVE-2019-15738 MEDIUM
GitLab 12.0-12.2.1 - Unauthorized Exposure of Merge Request IDs via Email
Sep 16, 2019
CVSS 5.3
EPSS 0.00
CVE-2019-15737 MEDIUM
GitLab < 12.2.1 - Authentication and Session Management Issue
Sep 16, 2019
CVSS 6.5
EPSS 0.00
CVE-2019-15736 HIGH
GitLab < 12.2.1 - Denial of Service via CI Pipeline Resource Exhaustion
Sep 16, 2019
CVSS 7.5
EPSS 0.00
CVE-2019-15734 MEDIUM
GitLab 8.6.0-12.2.1 - Unauthorized Exposure of Sensitive Commit and Comment Data
Sep 16, 2019
CVSS 4.3
EPSS 0.00
CVE-2019-15733 MEDIUM
GitLab 7.12-12.2.1 - Unauthorized Exposure of Default Branch Name
Sep 16, 2019
CVSS 4.3
EPSS 0.00
CVE-2019-15732 MEDIUM
GitLab CE/EE <12.2.1 - Info Disclosure
Sep 16, 2019
CVSS 5.3
EPSS 0.00
CVE-2019-15731 MEDIUM
GitLab 12.0-12.2.1 - Unauthenticated Merge Request Comment Access
Sep 16, 2019
CVSS 5.3
EPSS 0.00
CVE-2019-15730 HIGH
GitLab 8.14.0-12.2.1 - Server-Side Request Forgery via Jira Integration
Sep 16, 2019
CVSS 7.5
EPSS 0.00
CVE-2019-15728 HIGH
GitLab 10.1-12.2.1 - Server-Side Request Forgery via Kubernetes Integration
Sep 16, 2019
CVSS 7.5
EPSS 0.00
CVE-2019-15727 MEDIUM
GitLab 11.2.0-12.2.1 - Unauthorized Exposure of CI Metrics Data
Sep 16, 2019
CVSS 5.3
EPSS 0.00
CVE-2019-15726 MEDIUM
GitLab < 12.2.1 - Information Disclosure via Markdown Embedded Media
Sep 16, 2019
CVSS 5.3
EPSS 0.00
CVE-2019-15725 HIGH
GitLab 12.0-12.2.1 - Authorization Bypass via Epic Notes API
Sep 16, 2019
CVSS 7.5
EPSS 0.00
CVE-2019-15724 MEDIUM
GitLab 11.10.0-12.2.1 - Cross-Site Scripting in Label Descriptions
Sep 16, 2019
CVSS 6.1
EPSS 0.00
CVE-2019-15723 MEDIUM
GitLab 11.9.4-11.10.1 - Missing Authorization via Merge Request Email Creation
Sep 16, 2019
CVSS 5.3
EPSS 0.00
CVE-2019-15722 HIGH
GitLab 8.15.0-12.2.1 - Denial of Service via Markdown Mathematical Expression Parsing
Sep 16, 2019
CVSS 7.5
EPSS 0.00
CVE-2019-15721 MEDIUM
GitLab 10.8.0-12.2.1 - Authenticated Incorrect Permission Assignment for Critical Resource via Internal Endpoint
Sep 16, 2019
CVSS 5.4
EPSS 0.00
CVE-2019-16170 HIGH
GitLab EE <12.0.9-12.2.5 - Privilege Escalation
Sep 16, 2019
CVSS 7.1
EPSS 0.00
CVE-2019-7176 LOW
GitLab <11.5.9-11.7.2 - Info Disclosure
Sep 09, 2019
CVSS 3.7
EPSS 0.00
CVE-2019-6791 MEDIUM
GitLab <11.5.8-11.7.1 - Privilege Escalation
Sep 09, 2019
CVSS 6.5
EPSS 0.00
CVE-2019-6997 MEDIUM
GitLab <11.5.8-11.7.1 - Info Disclosure
Sep 09, 2019
CVSS 4.3
EPSS 0.00
CVE-2019-6996 MEDIUM
GitLab EE <11.5.8-11.7.1 - Info Disclosure
Sep 09, 2019
CVSS 4.3
EPSS 0.00
CVE-2019-6995 MEDIUM
GitLab <11.5.8-11.7.1 - Info Disclosure
Sep 09, 2019
CVSS 6.5
EPSS 0.00
CVE-2019-6960 CRITICAL
GitLab <11.5.8-11.7.1 - Info Disclosure
Sep 09, 2019
CVSS 9.8
EPSS 0.01
CVE-2019-6795 MEDIUM
GitLab <11.5.8-11.7.1 - Info Disclosure
Sep 09, 2019
CVSS 5.4
EPSS 0.00
CVE-2019-6794 MEDIUM
GitLab < 11.5.8, 11.6.x < 11.6.6, 11.7.x < 11.7.1 - Information Disclosure via Default Branch Commit Status
Sep 09, 2019
CVSS 4.3
EPSS 0.00
Products
gitlab 1,368 GitLab 110 gitlab-shell 5 dynamic_application_security_testing_analyzer 4 runner 3 gitlab-vscode-extension 2 GitLab AI Gateway 1 dast_api_scanner 1 gitaly 1 gitlab_runner 1 language_server 1 omnibus 1
Quick Filters
Critical CVEs With Exploits In CISA KEV