gitlab

1,423 tracked vulnerabilities.

CVE-2019-15726 MEDIUM
GitLab < 12.2.1 - Information Disclosure via Markdown Embedded Media
Sep 16, 2019
CVSS 5.3
EPSS 0.02
CVE-2019-15725 HIGH
GitLab 12.0-12.2.1 - Authorization Bypass via Epic Notes API
Sep 16, 2019
CVSS 7.5
EPSS 0.02
CVE-2019-15724 MEDIUM
GitLab 11.10.0-12.2.1 - Cross-Site Scripting in Label Descriptions
Sep 16, 2019
CVSS 6.1
EPSS 0.01
CVE-2019-15723 MEDIUM
GitLab 11.9.4-11.10.1 - Missing Authorization via Merge Request Email Creation
Sep 16, 2019
CVSS 5.3
EPSS 0.01
CVE-2019-15722 HIGH
GitLab 8.15.0-12.2.1 - Denial of Service via Markdown Mathematical Expression Parsing
Sep 16, 2019
CVSS 7.5
EPSS 0.02
CVE-2019-15721 MEDIUM
GitLab 10.8.0-12.2.1 - Authenticated Incorrect Permission Assignment for Critical Resource via Internal Endpoint
Sep 16, 2019
CVSS 5.4
EPSS 0.01
CVE-2019-16170 HIGH
GitLab EE <12.0.9-12.2.5 - Privilege Escalation
Sep 16, 2019
CVSS 7.1
EPSS 0.01
CVE-2019-7176 LOW
GitLab <11.5.9-11.7.2 - Info Disclosure
Sep 09, 2019
CVSS 3.7
EPSS 0.01
CVE-2019-6791 MEDIUM
GitLab <11.5.8-11.7.1 - Privilege Escalation
Sep 09, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-6997 MEDIUM
GitLab <11.5.8-11.7.1 - Info Disclosure
Sep 09, 2019
CVSS 4.3
EPSS 0.01
CVE-2019-6996 MEDIUM
GitLab EE <11.5.8-11.7.1 - Info Disclosure
Sep 09, 2019
CVSS 4.3
EPSS 0.01
CVE-2019-6995 MEDIUM
GitLab <11.5.8-11.7.1 - Info Disclosure
Sep 09, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-6960 CRITICAL
GitLab <11.5.8-11.7.1 - Info Disclosure
Sep 09, 2019
CVSS 9.8
EPSS 0.02
CVE-2019-6795 MEDIUM
GitLab <11.5.8-11.7.1 - Info Disclosure
Sep 09, 2019
CVSS 5.4
EPSS 0.01
CVE-2019-6794 MEDIUM
GitLab < 11.5.8, 11.6.x < 11.6.6, 11.7.x < 11.7.1 - Information Disclosure via Default Branch Commit Status
Sep 09, 2019
CVSS 4.3
EPSS 0.01
CVE-2019-6793 HIGH NUCLEI
GitLab 10.0.0-11.5.7, 11.6.0-11.6.5, 11.7.0 - Unauthenticated Server-Side Request Forgery via Jira Integration
Sep 09, 2019
CVSS 7.0
EPSS 0.04
CVE-2019-6792 MEDIUM
GitLab 8.9.0-11.5.7, 11.6.0-11.6.5, 11.7.0 - Path Disclosure via Project Import Error Message
Sep 09, 2019
CVSS 5.3
EPSS 0.02
CVE-2019-6789 MEDIUM
GitLab < 11.5.8, 11.6.x < 11.6.6, 11.7.x < 11.7.1 - Information Disclosure via Project Move Notification
Sep 09, 2019
CVSS 4.3
EPSS 0.01
CVE-2019-6788 HIGH
GitLab 8.4.0-11.5.7, 11.6.0-11.6.5, 11.7.0 - Information Disclosure via OAuth Token Covert Redirect
Sep 09, 2019
CVSS 7.5
EPSS 0.04
CVE-2019-6786 MEDIUM
GitLab <11.5.8-11.7.1 - Info Disclosure
Sep 09, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-6785 MEDIUM
GitLab 7.4.0-11.5.7, 11.6.0-11.6.5, 11.7.0 - Denial of Service via Markdown Field Input
Sep 09, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-6784 MEDIUM
GitLab < 11.5.8, 11.6.x < 11.6.6, 11.7.x < 11.7.1 - Stored Cross-Site Scripting via KaTeX Markdown Processing
Sep 09, 2019
CVSS 6.1
EPSS 0.01
CVE-2019-6783 HIGH
GitLab < 11.5.8, 11.6.x < 11.6.6, 11.7.x < 11.7.1 - Path Traversal and Remote Code Execution via GitLab Pages
Sep 09, 2019
CVSS 8.8
EPSS 0.05
CVE-2019-6782 HIGH
GitLab 11.3.0-11.5.7, 11.6.0-11.6.5, 11.7.0 - Information Disclosure via Private Profile Contribution Data
Sep 09, 2019
CVSS 7.5
EPSS 0.02
CVE-2019-11605 HIGH
GitLab <11.8.10-11.10.3 - Info Disclosure
Sep 09, 2019
CVSS 7.5
EPSS 0.01