gitlab
1,423 tracked vulnerabilities.
CVE-2019-10117
MEDIUM
GitLab <11.7.8, <11.8.4, <11.9.2 - Open Redirect
May 16, 2019
CVSS 6.1
EPSS 0.01
CVE-2019-10116
MEDIUM
GitLab Community/E Enterprise <11.7.8-11.9.2 - Info Disclosure
May 16, 2019
CVSS 4.3
EPSS 0.01
CVE-2019-10115
MEDIUM
GitLab < 11.7.8, 11.8.x < 11.8.4, 11.9.x < 11.9.2 - Insecure Permissions in Releases Feature
May 16, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-10114
HIGH
GitLab <11.7.8, <11.8.x <11.8.4, <11.9.x <11.9.2 - Info Disclosure
May 16, 2019
CVSS 7.5
EPSS 0.02
CVE-2019-10113
HIGH
GitLab <11.7.8-11.9.2 - Uncontrolled Resource Consumption
May 16, 2019
CVSS 7.5
EPSS 0.02
CVE-2019-10111
MEDIUM
GitLab < 11.7.8, 11.8.x < 11.8.4, 11.9.x < 11.9.2 - Stored Cross-Site Scripting in Merge Request Conflicts Page
May 15, 2019
CVSS 5.4
EPSS 0.01
CVE-2019-10110
MEDIUM
GitLab <11.7.8, <11.8.4, <11.9.2 - Privilege Escalation
May 15, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-10109
MEDIUM
GitLab <11.7.8, <11.8.x <11.8.4, <11.9.x <11.9.2 - Info Disclosure
May 15, 2019
CVSS 5.3
EPSS 0.02
CVE-2019-10108
MEDIUM
GitLab < 11.7.8, 11.8.x < 11.8.4, 11.9.x < 11.9.2 - Incorrect Access Control for Private Project Labels
May 15, 2019
CVSS 5.4
EPSS 0.01
CVE-2019-10640
HIGH
GitLab < 11.7.10, 11.8.x < 11.8.6, 11.9.x < 11.9.4 - Resource Consumption via .gitlab-ci.yml
May 15, 2019
CVSS 7.5
EPSS 0.02
CVE-2019-11000
MEDIUM
GitLab < 11.7.11, 11.8.x < 11.8.7, 11.9.x < 11.9.7 - Information Disclosure
May 10, 2019
CVSS 6.5
EPSS 0.02
CVE-2019-9890
CRITICAL
GitLab <11.6.10-11.8.1 - Info Disclosure
Apr 17, 2019
CVSS 9.1
EPSS 0.01
CVE-2019-9756
CRITICAL
GitLab Community and Enterprise Edition <11.6.10/11.7.6 - Incorrect Access Control
Apr 17, 2019
CVSS 9.8
EPSS 0.02
CVE-2019-9225
MEDIUM
GitLab < 11.6.10, 11.7.x < 11.7.6, 11.8.x < 11.8.1 - Exposure of Sensitive Information via Incorrect Access Control
Apr 17, 2019
CVSS 5.3
EPSS 0.02
CVE-2019-9224
MEDIUM
GitLab < 11.6.10, 11.7.x < 11.7.6, 11.8.x < 11.8.1 - Missing Authorization
Apr 17, 2019
CVSS 5.3
EPSS 0.02
CVE-2019-9223
HIGH
GitLab < 11.6.10, 11.7.x < 11.7.6, 11.8.x < 11.8.1 - Information Exposure via Error Message
Apr 17, 2019
CVSS 7.5
EPSS 0.02
CVE-2019-9222
HIGH
GitLab < 11.6.10, 11.7.x < 11.7.6, 11.8.x < 11.8.1 - Path Traversal
Apr 17, 2019
CVSS 8.1
EPSS 0.02
CVE-2019-9220
HIGH
GitLab < 11.6.10, 11.7.x < 11.7.6, 11.8.x < 11.8.1 - Uncontrolled Resource Consumption
Apr 17, 2019
CVSS 7.5
EPSS 0.03
CVE-2019-9219
LOW
GitLab < 11.6.10, 11.7.x < 11.7.6, 11.8.x < 11.8.1 - Authorization Bypass Through User-Controlled Key
Apr 17, 2019
CVSS 3.7
EPSS 0.01
CVE-2019-9217
CRITICAL
GitLab <11.6.10-11.8.1 - Info Disclosure
Apr 17, 2019
CVSS 9.8
EPSS 0.01
CVE-2019-9179
LOW
GitLab < 11.6.10, 11.7.x < 11.7.6, 11.8.x < 11.8.1 - Information Exposure
Apr 17, 2019
CVSS 3.7
EPSS 0.01
CVE-2019-9178
MEDIUM
GitLab <11.6.10-11.8.1 - Info Disclosure
Apr 17, 2019
CVSS 5.3
EPSS 0.02
CVE-2019-9176
MEDIUM
GitLab < 11.6.10, 11.7.x < 11.7.6, 11.8.x < 11.8.1 - Cross-Site Request Forgery
Apr 17, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-9175
MEDIUM
GitLab < 11.6.10, 11.7.x < 11.7.6, 11.8.x < 11.8.1 - Information Exposure
Apr 17, 2019
CVSS 5.3
EPSS 0.01
CVE-2019-9174
CRITICAL
GitLab < 11.6.10, 11.7.x < 11.7.6, 11.8.x < 11.8.1 - Server-Side Request Forgery
Apr 17, 2019
CVSS 10.0
EPSS 0.02