gitlab
1,423 tracked vulnerabilities.
CVE-2019-15726
MEDIUM
GitLab < 12.2.1 - Information Disclosure via Markdown Embedded Media
Sep 16, 2019
CVSS 5.3
EPSS 0.02
CVE-2019-15725
HIGH
GitLab 12.0-12.2.1 - Authorization Bypass via Epic Notes API
Sep 16, 2019
CVSS 7.5
EPSS 0.02
CVE-2019-15724
MEDIUM
GitLab 11.10.0-12.2.1 - Cross-Site Scripting in Label Descriptions
Sep 16, 2019
CVSS 6.1
EPSS 0.01
CVE-2019-15723
MEDIUM
GitLab 11.9.4-11.10.1 - Missing Authorization via Merge Request Email Creation
Sep 16, 2019
CVSS 5.3
EPSS 0.01
CVE-2019-15722
HIGH
GitLab 8.15.0-12.2.1 - Denial of Service via Markdown Mathematical Expression Parsing
Sep 16, 2019
CVSS 7.5
EPSS 0.02
CVE-2019-15721
MEDIUM
GitLab 10.8.0-12.2.1 - Authenticated Incorrect Permission Assignment for Critical Resource via Internal Endpoint
Sep 16, 2019
CVSS 5.4
EPSS 0.01
CVE-2019-16170
HIGH
GitLab EE <12.0.9-12.2.5 - Privilege Escalation
Sep 16, 2019
CVSS 7.1
EPSS 0.01
CVE-2019-7176
LOW
GitLab <11.5.9-11.7.2 - Info Disclosure
Sep 09, 2019
CVSS 3.7
EPSS 0.01
CVE-2019-6791
MEDIUM
GitLab <11.5.8-11.7.1 - Privilege Escalation
Sep 09, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-6997
MEDIUM
GitLab <11.5.8-11.7.1 - Info Disclosure
Sep 09, 2019
CVSS 4.3
EPSS 0.01
CVE-2019-6996
MEDIUM
GitLab EE <11.5.8-11.7.1 - Info Disclosure
Sep 09, 2019
CVSS 4.3
EPSS 0.01
CVE-2019-6995
MEDIUM
GitLab <11.5.8-11.7.1 - Info Disclosure
Sep 09, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-6960
CRITICAL
GitLab <11.5.8-11.7.1 - Info Disclosure
Sep 09, 2019
CVSS 9.8
EPSS 0.02
CVE-2019-6795
MEDIUM
GitLab <11.5.8-11.7.1 - Info Disclosure
Sep 09, 2019
CVSS 5.4
EPSS 0.01
CVE-2019-6794
MEDIUM
GitLab < 11.5.8, 11.6.x < 11.6.6, 11.7.x < 11.7.1 - Information Disclosure via Default Branch Commit Status
Sep 09, 2019
CVSS 4.3
EPSS 0.01
CVE-2019-6793
HIGH
NUCLEI
GitLab 10.0.0-11.5.7, 11.6.0-11.6.5, 11.7.0 - Unauthenticated Server-Side Request Forgery via Jira Integration
Sep 09, 2019
CVSS 7.0
EPSS 0.04
CVE-2019-6792
MEDIUM
GitLab 8.9.0-11.5.7, 11.6.0-11.6.5, 11.7.0 - Path Disclosure via Project Import Error Message
Sep 09, 2019
CVSS 5.3
EPSS 0.02
CVE-2019-6789
MEDIUM
GitLab < 11.5.8, 11.6.x < 11.6.6, 11.7.x < 11.7.1 - Information Disclosure via Project Move Notification
Sep 09, 2019
CVSS 4.3
EPSS 0.01
CVE-2019-6788
HIGH
GitLab 8.4.0-11.5.7, 11.6.0-11.6.5, 11.7.0 - Information Disclosure via OAuth Token Covert Redirect
Sep 09, 2019
CVSS 7.5
EPSS 0.04
CVE-2019-6786
MEDIUM
GitLab <11.5.8-11.7.1 - Info Disclosure
Sep 09, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-6785
MEDIUM
GitLab 7.4.0-11.5.7, 11.6.0-11.6.5, 11.7.0 - Denial of Service via Markdown Field Input
Sep 09, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-6784
MEDIUM
GitLab < 11.5.8, 11.6.x < 11.6.6, 11.7.x < 11.7.1 - Stored Cross-Site Scripting via KaTeX Markdown Processing
Sep 09, 2019
CVSS 6.1
EPSS 0.01
CVE-2019-6783
HIGH
GitLab < 11.5.8, 11.6.x < 11.6.6, 11.7.x < 11.7.1 - Path Traversal and Remote Code Execution via GitLab Pages
Sep 09, 2019
CVSS 8.8
EPSS 0.05
CVE-2019-6782
HIGH
GitLab 11.3.0-11.5.7, 11.6.0-11.6.5, 11.7.0 - Information Disclosure via Private Profile Contribution Data
Sep 09, 2019
CVSS 7.5
EPSS 0.02
CVE-2019-11605
HIGH
GitLab <11.8.10-11.10.3 - Info Disclosure
Sep 09, 2019
CVSS 7.5
EPSS 0.01