gitlab
1,423 tracked vulnerabilities.
CVE-2018-20491
MEDIUM
GitLab 11.3.0-11.4.12, 11.5.0-11.5.5, 11.6.0 - Cross-Site Scripting
Dec 30, 2019
CVSS 5.4
EPSS 0.01
CVE-2018-20490
MEDIUM
GitLab 11.2.0-11.4.12, 11.5.0-11.5.5, 11.6.0 - Cross-Site Scripting
Dec 30, 2019
CVSS 5.4
EPSS 0.01
CVE-2018-20489
MEDIUM
GitLab 9.1.0-11.4.12, 11.5.0-11.5.5, 11.6.0 - Improper Authentication
Dec 30, 2019
CVSS 5.3
EPSS 0.01
CVE-2018-20488
MEDIUM
GitLab 9.3.0-11.4.12, 11.5.0-11.5.5, 11.6.0 - Information Exposure
Dec 30, 2019
CVSS 4.3
EPSS 0.01
CVE-2018-20492
MEDIUM
GitLab 8.0.0-11.4.12, 11.5.0-11.5.5, 11.6.0 - Incorrect Authorization
Dec 26, 2019
CVSS 5.3
EPSS 0.01
CVE-2018-19584
HIGH
GitLab EE <11.3.11-11.5.1 - Info Disclosure
Jul 10, 2019
CVSS 7.5
EPSS 0.02
CVE-2018-19583
MEDIUM
GitLab CE/EE <11.3.11-11.5.1 - Info Disclosure
Jul 10, 2019
CVSS 6.5
EPSS 0.02
CVE-2018-19582
MEDIUM
GitLab EE <11.4.8-11.5.1 - Info Disclosure
Jul 10, 2019
CVSS 4.3
EPSS 0.01
CVE-2018-19581
HIGH
GitLab EE <11.3.11-11.5.1 - Info Disclosure
Jul 10, 2019
CVSS 7.5
EPSS 0.01
CVE-2018-19580
MEDIUM
GitLab <11.5.1-11.3.11 - Info Disclosure
Jul 10, 2019
CVSS 5.3
EPSS 0.01
CVE-2018-19579
MEDIUM
GitLab 11.5.0 - Stored Cross-Site Scripting in Operations Page
Jul 10, 2019
CVSS 5.4
EPSS 0.01
CVE-2018-19578
MEDIUM
GitLab EE <11.5.1 - Info Disclosure
Jul 10, 2019
CVSS 6.5
EPSS 0.01
CVE-2018-19571
HIGH
GitLab CE/EE <11.3.11-11.5.1 - SSRF
Jul 10, 2019
CVSS 7.7
EPSS 0.28
CVE-2018-19576
HIGH
GitLab CE/EE <11.3.11-11.4.8-11.5.1 - Info Disclosure
Jul 10, 2019
CVSS 8.1
EPSS 0.01
CVE-2018-19575
MEDIUM
GitLab CE/EE <11.3.11-11.5.1 - Info Disclosure
Jul 10, 2019
CVSS 4.3
EPSS 0.01
CVE-2018-19574
MEDIUM
GitLab 7.6-11.3.10, 11.4-11.4.7, 11.5 - Cross-Site Scripting in OAuth Authorization Page
Jul 10, 2019
CVSS 5.4
EPSS 0.01
CVE-2018-19573
MEDIUM
GitLab 10.3-11.x < 11.3.11, 11.4 < 11.4.8, 11.5 < 11.5.1 - Stored Cross-Site Scripting via Mermaid Markdown Renderer
Jul 10, 2019
CVSS 5.4
EPSS 0.01
CVE-2018-19572
MEDIUM
GitLab CE/E 8.17+ - Unauthorized Access
Jul 10, 2019
CVSS 5.9
EPSS 0.01
CVE-2018-19570
MEDIUM
GitLab 11.3-11.3.10, 11.4-11.4.7, 11.5 - Cross-Site Scripting via Unrecognized HTML Tags in Markdown Fields
Jul 10, 2019
CVSS 5.4
EPSS 0.01
CVE-2018-19569
HIGH
GitLab CE/EE <11.3.11, <11.4.8, <11.5.1 - Auth Bypass
Jul 10, 2019
CVSS 8.8
EPSS 0.02
CVE-2018-19577
MEDIUM
Gitlab CE/EE <11.3.11-11.5.1 - Info Disclosure
Jul 10, 2019
CVSS 5.3
EPSS 0.02
CVE-2018-19496
MEDIUM
GitLab <11.3.11-11.5.1 - Privilege Escalation
Jul 10, 2019
CVSS 6.5
EPSS 0.01
CVE-2018-19495
MEDIUM
GitLab < 11.3.11, 11.4.x < 11.4.8, 11.5.x < 11.5.1 - Server-Side Request Forgery via Prometheus Integration
Jul 10, 2019
CVSS 6.5
EPSS 0.01
CVE-2018-19494
MEDIUM
GitLab <11.3.11-11.5.1 - Info Disclosure
Jul 10, 2019
CVSS 4.3
EPSS 0.01
CVE-2018-19493
MEDIUM
GitLab 11.x < 11.3.11, 11.4.x < 11.4.8, 11.5.x < 11.5.1 - Stored Cross-Site Scripting in Environment Pages
Jul 10, 2019
CVSS 6.1
EPSS 0.01