gitlab

1,423 tracked vulnerabilities.

CVE-2019-11549 MEDIUM
GitLab <11.8.9-11.10.2 - Info Disclosure
Sep 09, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-11548 MEDIUM
GitLab 5.4.0-11.8.9 - Unauthenticated Incorrect Access Control in Note Endpoint
Sep 09, 2019
CVSS 5.4
EPSS 0.01
CVE-2019-11547 MEDIUM
GitLab < 11.8.9, 11.9.x < 11.9.10, 11.10.x < 11.10.2 - Cross-Site Scripting via Merge Request Notification Email
Sep 09, 2019
CVSS 6.1
EPSS 0.01
CVE-2019-11546 MEDIUM
GitLab <11.8.9-11.10.2 - Info Disclosure
Sep 09, 2019
CVSS 5.3
EPSS 0.01
CVE-2019-11545 MEDIUM
GitLab CE <11.9.10, <11.10.2 - Info Disclosure
Sep 09, 2019
CVSS 4.3
EPSS 0.01
CVE-2019-11544 MEDIUM
GitLab <11.8.9-11.10.2 - Info Disclosure
Sep 09, 2019
CVSS 4.3
EPSS 0.01
CVE-2019-5473 HIGH
GitLab - Authentication Bypass via Email Verification
Sep 09, 2019
CVSS 7.2
EPSS 0.02
CVE-2019-5471 MEDIUM
GitLab 11.11.0-11.11.6 - Stored Cross-Site Scripting in Email Notification Feature
Sep 09, 2019
CVSS 5.4
EPSS 0.01
CVE-2019-5467 MEDIUM
GitLab 11.11.2-11.11.6 - Stored Cross-Site Scripting in Wiki Pages
Sep 09, 2019
CVSS 5.4
EPSS 0.01
CVE-2019-5463 MEDIUM
GitLab 11.11.0-11.11.6 - Missing Authorization in CI Badge Images Endpoint
Sep 09, 2019
CVSS 5.3
EPSS 0.02
CVE-2019-5461 LOW
GitLab 11.11.0-11.11.6 - Server-Side Request Forgery via GitHub Integration
Sep 09, 2019
CVSS 3.5
EPSS 0.01
CVE-2019-14943 CRITICAL
GitLab 12.0-12.1.4 - Use of Hard-coded Credentials
Aug 29, 2019
CVSS 9.8
EPSS 0.02
CVE-2019-9866 MEDIUM
GitLab <11.7.7, <11.8.3 - Info Disclosure
May 29, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-9732 CRITICAL
GitLab <11.6.10-11.8.1 - Incorrect Access Control
May 29, 2019
CVSS 9.8
EPSS 0.02
CVE-2019-9485 CRITICAL
GitLab <11.6.10-11.8.1 - Info Disclosure
May 29, 2019
CVSS 9.8
EPSS 0.02
CVE-2019-9221 MEDIUM
GitLab < 11.6.10, 11.7.x < 11.7.6, 11.8.x < 11.8.1 - Incorrect Access Control
May 29, 2019
CVSS 5.5
EPSS 0.00
CVE-2019-9218 CRITICAL
GitLab <11.6.10-11.8.1 - Info Disclosure
May 29, 2019
CVSS 9.8
EPSS 0.02
CVE-2019-7549 MEDIUM
GitLab <11.5.10-11.7.3 - Auth Bypass
May 29, 2019
CVSS 4.3
EPSS 0.01
CVE-2019-7353 CRITICAL
GitLab CE/EE <11.7.4 - Info Disclosure
May 17, 2019
CVSS 9.1
EPSS 0.02
CVE-2019-6797 HIGH
GitLab < 11.5.8, 11.6.x < 11.6.6, 11.7.x < 11.7.1 - Information Disclosure via GitHub Token Leak in CI/CD UI
May 17, 2019
CVSS 7.5
EPSS 0.02
CVE-2019-6790 MEDIUM
GitLab 8.14.0-11.5.7, 11.6.0-11.6.5, 11.7.0 - Unauthenticated Merge Request List Exposure
May 17, 2019
CVSS 4.3
EPSS 0.01
CVE-2019-6787 MEDIUM
GitLab Community/E Enterprise <11.5.8-11.7.1 - Info Disclosure
May 17, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-6781 HIGH
GitLab 11.5.0-11.5.7, 11.6.0-11.6.5, 11.7.0 - Open Redirect via Profile Name in Notification Emails
May 17, 2019
CVSS 7.5
EPSS 0.01
CVE-2019-5883 CRITICAL
GitLab Community and Enterprise Edition <11.3.11 <11.4.8 <11.5.1 - Incorrect Access Control in Issue Comments
May 17, 2019
CVSS 9.1
EPSS 0.02
CVE-2019-10112 HIGH
GitLab <11.7.8-11.9.2 - Info Disclosure
May 16, 2019
CVSS 7.5
EPSS 0.01