Bitnami package

gitlab

pkg:bitnami/gitlab

Vulnerabilities (1,054)

CVE	CVSS	Affected versions	Fixed in	Published	Description
CVE-2020-7967	—	>= 12.0.0, < 12.7.3	12.7.3	Feb 5, 2020	GitLab EE 8.0 through 12.7.2 has Insecure Permissions (issue 1 of 2).
CVE-2020-7968	—	< 12.5.9	12.5.9	Feb 5, 2020	GitLab EE 8.0 through 12.7.2 has Incorrect Access Control.
CVE-2020-7969	—	>= 8.0.0, < 12.5.9	12.5.9	Feb 5, 2020	GitLab EE 8.0 and later through 12.7.2 allows Information Disclosure.
CVE-2020-7971	—	>= 11.0.0, < 12.5.9	12.5.9	Feb 5, 2020	GitLab EE 11.0 and later through 12.7.2 allows XSS.
CVE-2020-7972	—	>= 12.0.0, < 12.5.9	12.5.9	Feb 5, 2020	GitLab EE 12.2 has Insecure Permissions (issue 2 of 2).
CVE-2020-7973	—	< 12.5.9	12.5.9	Feb 5, 2020	GitLab through 12.7.2 allows XSS.
CVE-2020-7974	—	>= 10.1.0, < 12.5.9	12.5.9	Feb 5, 2020	GitLab EE 10.1 through 12.7.2 allows Information Disclosure.
CVE-2020-7976	—	>= 12.4.0, < 12.5.9	12.5.9	Feb 5, 2020	GitLab EE 12.4 and later through 12.7.2 has Incorrect Access Control.
CVE-2020-7977	—	>= 8.8.0, < 12.5.9	12.5.9	Feb 5, 2020	GitLab EE 8.8 and later through 12.7.2 has Insecure Permissions.
CVE-2020-7978	—	>= 12.6.0, < 12.6.6	12.6.6	Feb 5, 2020	GitLab EE 12.6 and later through 12.7.2 allows Denial of Service.
CVE-2020-7979	—	>= 8.9.0, < 12.5.9	12.5.9	Feb 5, 2020	GitLab EE 8.9 and later through 12.7.2 has Insecure Permission
CVE-2020-8114	—	>= 8.9.0, < 12.5.9	12.5.9	Feb 5, 2020	GitLab EE 8.9 and later through 12.7.2 has Insecure Permission
CVE-2020-5197	—	>= 5.1.0, < 12.6.2	12.6.2	Jan 13, 2020	An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 5.1 through 12.6.1. It has Incorrect Access Control.
CVE-2020-6832	—	>= 8.9.0, < 12.6.2	12.6.2	Jan 13, 2020	An issue was discovered in GitLab Enterprise Edition (EE) 8.9.0 through 12.6.1. Using the project import feature, it was possible for someone to obtain issues from private projects.

CVE-2020-7967Feb 5, 2020
affected >= 12.0.0, < 12.7.3fixed 12.7.3
GitLab EE 8.0 through 12.7.2 has Insecure Permissions (issue 1 of 2).
CVE-2020-7968Feb 5, 2020
affected < 12.5.9fixed 12.5.9
GitLab EE 8.0 through 12.7.2 has Incorrect Access Control.
CVE-2020-7969Feb 5, 2020
affected >= 8.0.0, < 12.5.9fixed 12.5.9
GitLab EE 8.0 and later through 12.7.2 allows Information Disclosure.
CVE-2020-7971Feb 5, 2020
affected >= 11.0.0, < 12.5.9fixed 12.5.9
GitLab EE 11.0 and later through 12.7.2 allows XSS.
CVE-2020-7972Feb 5, 2020
affected >= 12.0.0, < 12.5.9fixed 12.5.9
GitLab EE 12.2 has Insecure Permissions (issue 2 of 2).
CVE-2020-7973Feb 5, 2020
affected < 12.5.9fixed 12.5.9
GitLab through 12.7.2 allows XSS.
CVE-2020-7974Feb 5, 2020
affected >= 10.1.0, < 12.5.9fixed 12.5.9
GitLab EE 10.1 through 12.7.2 allows Information Disclosure.
CVE-2020-7976Feb 5, 2020
affected >= 12.4.0, < 12.5.9fixed 12.5.9
GitLab EE 12.4 and later through 12.7.2 has Incorrect Access Control.
CVE-2020-7977Feb 5, 2020
affected >= 8.8.0, < 12.5.9fixed 12.5.9
GitLab EE 8.8 and later through 12.7.2 has Insecure Permissions.
CVE-2020-7978Feb 5, 2020
affected >= 12.6.0, < 12.6.6fixed 12.6.6
GitLab EE 12.6 and later through 12.7.2 allows Denial of Service.
CVE-2020-7979Feb 5, 2020
affected >= 8.9.0, < 12.5.9fixed 12.5.9
GitLab EE 8.9 and later through 12.7.2 has Insecure Permission
CVE-2020-8114Feb 5, 2020
affected >= 8.9.0, < 12.5.9fixed 12.5.9
GitLab EE 8.9 and later through 12.7.2 has Insecure Permission
CVE-2020-5197Jan 13, 2020
affected >= 5.1.0, < 12.6.2fixed 12.6.2
An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 5.1 through 12.6.1. It has Incorrect Access Control.
CVE-2020-6832Jan 13, 2020
affected >= 8.9.0, < 12.6.2fixed 12.6.2
An issue was discovered in GitLab Enterprise Edition (EE) 8.9.0 through 12.6.1. Using the project import feature, it was possible for someone to obtain issues from private projects.

Page 53 of 53