VYPR

apk package

chainguard/gitlab-operator

pkg:apk/chainguard/gitlab-operator

Vulnerabilities (143)

  • CVE-2019-10114May 16, 2019
    affected < 0fixed 0

    An Information Exposure issue (issue 2 of 2) was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. During the OAuth authentication process, the application attempts to validate a parameter in an insecure way, pote

  • CVE-2019-10113May 16, 2019
    affected < 0fixed 0

    An issue was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. Making concurrent GET /api/v4/projects//languages requests may allow Uncontrolled Resource Consumption.

  • CVE-2019-10111May 15, 2019
    affected < 0fixed 0

    An issue was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. It allows persistent XSS in the merge request "resolve conflicts" page.

  • CVE-2019-10110May 15, 2019
    affected < 0fixed 0

    An Insecure Permissions issue (issue 1 of 3) was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. The "move issue" feature may allow a user to create projects under any namespace on any GitLab instance on which t

  • CVE-2019-10109May 15, 2019
    affected < 0fixed 0

    An Information Exposure issue (issue 1 of 2) was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. EXIF geolocation data were not removed from images when uploaded to GitLab. As a result, anyone with access to the

  • CVE-2019-10108May 15, 2019
    affected < 0fixed 0

    An Incorrect Access Control (issue 1 of 2) was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. It allowed non-members of a private project/group to add and read labels.

  • CVE-2019-10640May 15, 2019
    affected < 0fixed 0

    An issue was discovered in GitLab Community and Enterprise Edition before 11.7.10, 11.8.x before 11.8.6, and 11.9.x before 11.9.4. A regex input validation issue for the .gitlab-ci.yml refs value allows Uncontrolled Resource Consumption.

  • CVE-2018-18643Apr 25, 2019
    affected < 0fixed 0

    GitLab CE & EE 11.2 and later and before 11.5.0-rc12, 11.4.6, and 11.3.10 have Persistent XSS.

  • CVE-2019-9220Apr 17, 2019
    affected < 0fixed 0

    An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It allows Uncontrolled Resource Consumption.

  • CVE-2019-9223Apr 17, 2019
    affected < 0fixed 0

    An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It allows Information Exposure.

  • CVE-2019-9222Apr 17, 2019
    affected < 0fixed 0

    An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Insecure Permissions.

  • CVE-2019-9217Apr 17, 2019
    affected < 0fixed 0

    An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. Its User Interface has a Misrepresentation of Critical Information.

  • CVE-2019-9219Apr 17, 2019
    affected < 0fixed 0

    An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Incorrect Access Control (issue 2 of 5).

  • CVE-2019-9225Apr 17, 2019
    affected < 0fixed 0

    An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Incorrect Access Control (issue 5 of 5).

  • CVE-2019-9224Apr 17, 2019
    affected < 0fixed 0

    An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Incorrect Access Control (issue 4 of 5).

  • CVE-2019-9171Apr 17, 2019
    affected < 0fixed 0

    An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It allows Information Exposure (issue 1 of 5).

  • CVE-2019-9179Apr 17, 2019
    affected < 0fixed 0

    An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It allows Information Exposure (issue 5 of 5).

  • CVE-2019-9178Apr 17, 2019
    affected < 0fixed 0

    An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It allows Information Exposure (issue 4 of 5).

  • CVE-2019-9175Apr 17, 2019
    affected < 0fixed 0

    An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It allows Information Exposure (issue 3 of 5).

  • CVE-2019-9170Apr 17, 2019
    affected < 0fixed 0

    An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Incorrect Access Control.

Page 6 of 8