gitlab
1,423 tracked vulnerabilities.
CVE-2019-11549
MEDIUM
GitLab <11.8.9-11.10.2 - Info Disclosure
Sep 09, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-11548
MEDIUM
GitLab 5.4.0-11.8.9 - Unauthenticated Incorrect Access Control in Note Endpoint
Sep 09, 2019
CVSS 5.4
EPSS 0.01
CVE-2019-11547
MEDIUM
GitLab < 11.8.9, 11.9.x < 11.9.10, 11.10.x < 11.10.2 - Cross-Site Scripting via Merge Request Notification Email
Sep 09, 2019
CVSS 6.1
EPSS 0.01
CVE-2019-11546
MEDIUM
GitLab <11.8.9-11.10.2 - Info Disclosure
Sep 09, 2019
CVSS 5.3
EPSS 0.01
CVE-2019-11545
MEDIUM
GitLab CE <11.9.10, <11.10.2 - Info Disclosure
Sep 09, 2019
CVSS 4.3
EPSS 0.01
CVE-2019-11544
MEDIUM
GitLab <11.8.9-11.10.2 - Info Disclosure
Sep 09, 2019
CVSS 4.3
EPSS 0.01
CVE-2019-5473
HIGH
GitLab - Authentication Bypass via Email Verification
Sep 09, 2019
CVSS 7.2
EPSS 0.02
CVE-2019-5471
MEDIUM
GitLab 11.11.0-11.11.6 - Stored Cross-Site Scripting in Email Notification Feature
Sep 09, 2019
CVSS 5.4
EPSS 0.01
CVE-2019-5467
MEDIUM
GitLab 11.11.2-11.11.6 - Stored Cross-Site Scripting in Wiki Pages
Sep 09, 2019
CVSS 5.4
EPSS 0.01
CVE-2019-5463
MEDIUM
GitLab 11.11.0-11.11.6 - Missing Authorization in CI Badge Images Endpoint
Sep 09, 2019
CVSS 5.3
EPSS 0.02
CVE-2019-5461
LOW
GitLab 11.11.0-11.11.6 - Server-Side Request Forgery via GitHub Integration
Sep 09, 2019
CVSS 3.5
EPSS 0.01
CVE-2019-14943
CRITICAL
GitLab 12.0-12.1.4 - Use of Hard-coded Credentials
Aug 29, 2019
CVSS 9.8
EPSS 0.02
CVE-2019-9866
MEDIUM
GitLab <11.7.7, <11.8.3 - Info Disclosure
May 29, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-9732
CRITICAL
GitLab <11.6.10-11.8.1 - Incorrect Access Control
May 29, 2019
CVSS 9.8
EPSS 0.02
CVE-2019-9485
CRITICAL
GitLab <11.6.10-11.8.1 - Info Disclosure
May 29, 2019
CVSS 9.8
EPSS 0.02
CVE-2019-9221
MEDIUM
GitLab < 11.6.10, 11.7.x < 11.7.6, 11.8.x < 11.8.1 - Incorrect Access Control
May 29, 2019
CVSS 5.5
EPSS 0.00
CVE-2019-9218
CRITICAL
GitLab <11.6.10-11.8.1 - Info Disclosure
May 29, 2019
CVSS 9.8
EPSS 0.02
CVE-2019-7549
MEDIUM
GitLab <11.5.10-11.7.3 - Auth Bypass
May 29, 2019
CVSS 4.3
EPSS 0.01
CVE-2019-7353
CRITICAL
GitLab CE/EE <11.7.4 - Info Disclosure
May 17, 2019
CVSS 9.1
EPSS 0.02
CVE-2019-6797
HIGH
GitLab < 11.5.8, 11.6.x < 11.6.6, 11.7.x < 11.7.1 - Information Disclosure via GitHub Token Leak in CI/CD UI
May 17, 2019
CVSS 7.5
EPSS 0.02
CVE-2019-6790
MEDIUM
GitLab 8.14.0-11.5.7, 11.6.0-11.6.5, 11.7.0 - Unauthenticated Merge Request List Exposure
May 17, 2019
CVSS 4.3
EPSS 0.01
CVE-2019-6787
MEDIUM
GitLab Community/E Enterprise <11.5.8-11.7.1 - Info Disclosure
May 17, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-6781
HIGH
GitLab 11.5.0-11.5.7, 11.6.0-11.6.5, 11.7.0 - Open Redirect via Profile Name in Notification Emails
May 17, 2019
CVSS 7.5
EPSS 0.01
CVE-2019-5883
CRITICAL
GitLab Community and Enterprise Edition <11.3.11 <11.4.8 <11.5.1 - Incorrect Access Control in Issue Comments
May 17, 2019
CVSS 9.1
EPSS 0.02
CVE-2019-10112
HIGH
GitLab <11.7.8-11.9.2 - Info Disclosure
May 16, 2019
CVSS 7.5
EPSS 0.01