gitlab

1,423 tracked vulnerabilities.

CVE-2019-10117 MEDIUM
GitLab <11.7.8, <11.8.4, <11.9.2 - Open Redirect
May 16, 2019
CVSS 6.1
EPSS 0.01
CVE-2019-10116 MEDIUM
GitLab Community/E Enterprise <11.7.8-11.9.2 - Info Disclosure
May 16, 2019
CVSS 4.3
EPSS 0.01
CVE-2019-10115 MEDIUM
GitLab < 11.7.8, 11.8.x < 11.8.4, 11.9.x < 11.9.2 - Insecure Permissions in Releases Feature
May 16, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-10114 HIGH
GitLab <11.7.8, <11.8.x <11.8.4, <11.9.x <11.9.2 - Info Disclosure
May 16, 2019
CVSS 7.5
EPSS 0.02
CVE-2019-10113 HIGH
GitLab <11.7.8-11.9.2 - Uncontrolled Resource Consumption
May 16, 2019
CVSS 7.5
EPSS 0.02
CVE-2019-10111 MEDIUM
GitLab < 11.7.8, 11.8.x < 11.8.4, 11.9.x < 11.9.2 - Stored Cross-Site Scripting in Merge Request Conflicts Page
May 15, 2019
CVSS 5.4
EPSS 0.01
CVE-2019-10110 MEDIUM
GitLab <11.7.8, <11.8.4, <11.9.2 - Privilege Escalation
May 15, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-10109 MEDIUM
GitLab <11.7.8, <11.8.x <11.8.4, <11.9.x <11.9.2 - Info Disclosure
May 15, 2019
CVSS 5.3
EPSS 0.02
CVE-2019-10108 MEDIUM
GitLab < 11.7.8, 11.8.x < 11.8.4, 11.9.x < 11.9.2 - Incorrect Access Control for Private Project Labels
May 15, 2019
CVSS 5.4
EPSS 0.01
CVE-2019-10640 HIGH
GitLab < 11.7.10, 11.8.x < 11.8.6, 11.9.x < 11.9.4 - Resource Consumption via .gitlab-ci.yml
May 15, 2019
CVSS 7.5
EPSS 0.02
CVE-2019-11000 MEDIUM
GitLab < 11.7.11, 11.8.x < 11.8.7, 11.9.x < 11.9.7 - Information Disclosure
May 10, 2019
CVSS 6.5
EPSS 0.02
CVE-2019-9890 CRITICAL
GitLab <11.6.10-11.8.1 - Info Disclosure
Apr 17, 2019
CVSS 9.1
EPSS 0.01
CVE-2019-9756 CRITICAL
GitLab Community and Enterprise Edition <11.6.10/11.7.6 - Incorrect Access Control
Apr 17, 2019
CVSS 9.8
EPSS 0.02
CVE-2019-9225 MEDIUM
GitLab < 11.6.10, 11.7.x < 11.7.6, 11.8.x < 11.8.1 - Exposure of Sensitive Information via Incorrect Access Control
Apr 17, 2019
CVSS 5.3
EPSS 0.02
CVE-2019-9224 MEDIUM
GitLab < 11.6.10, 11.7.x < 11.7.6, 11.8.x < 11.8.1 - Missing Authorization
Apr 17, 2019
CVSS 5.3
EPSS 0.02
CVE-2019-9223 HIGH
GitLab < 11.6.10, 11.7.x < 11.7.6, 11.8.x < 11.8.1 - Information Exposure via Error Message
Apr 17, 2019
CVSS 7.5
EPSS 0.02
CVE-2019-9222 HIGH
GitLab < 11.6.10, 11.7.x < 11.7.6, 11.8.x < 11.8.1 - Path Traversal
Apr 17, 2019
CVSS 8.1
EPSS 0.02
CVE-2019-9220 HIGH
GitLab < 11.6.10, 11.7.x < 11.7.6, 11.8.x < 11.8.1 - Uncontrolled Resource Consumption
Apr 17, 2019
CVSS 7.5
EPSS 0.03
CVE-2019-9219 LOW
GitLab < 11.6.10, 11.7.x < 11.7.6, 11.8.x < 11.8.1 - Authorization Bypass Through User-Controlled Key
Apr 17, 2019
CVSS 3.7
EPSS 0.01
CVE-2019-9217 CRITICAL
GitLab <11.6.10-11.8.1 - Info Disclosure
Apr 17, 2019
CVSS 9.8
EPSS 0.01
CVE-2019-9179 LOW
GitLab < 11.6.10, 11.7.x < 11.7.6, 11.8.x < 11.8.1 - Information Exposure
Apr 17, 2019
CVSS 3.7
EPSS 0.01
CVE-2019-9178 MEDIUM
GitLab <11.6.10-11.8.1 - Info Disclosure
Apr 17, 2019
CVSS 5.3
EPSS 0.02
CVE-2019-9176 MEDIUM
GitLab < 11.6.10, 11.7.x < 11.7.6, 11.8.x < 11.8.1 - Cross-Site Request Forgery
Apr 17, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-9175 MEDIUM
GitLab < 11.6.10, 11.7.x < 11.7.6, 11.8.x < 11.8.1 - Information Exposure
Apr 17, 2019
CVSS 5.3
EPSS 0.01
CVE-2019-9174 CRITICAL
GitLab < 11.6.10, 11.7.x < 11.7.6, 11.8.x < 11.8.1 - Server-Side Request Forgery
Apr 17, 2019
CVSS 10.0
EPSS 0.02