Bitnami package
gitlab
pkg:bitnami/gitlab
Vulnerabilities (1,073)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-7976 | Med | 5.3 | >= 12.4.0, < 12.5.9 | 12.5.9 | Feb 5, 2020 | GitLab EE 12.4 and later through 12.7.2 has Incorrect Access Control. | |
| CVE-2020-7974 | Med | 5.3 | >= 10.1.0, < 12.5.9 | 12.5.9 | Feb 5, 2020 | GitLab EE 10.1 through 12.7.2 allows Information Disclosure. | |
| CVE-2020-7973 | Med | 6.1 | < 12.5.9 | 12.5.9 | Feb 5, 2020 | GitLab through 12.7.2 allows XSS. | |
| CVE-2020-7972 | Hig | 7.5 | >= 12.0.0, < 12.5.9 | 12.5.9 | Feb 5, 2020 | GitLab EE 12.2 has Insecure Permissions (issue 2 of 2). | |
| CVE-2020-7971 | Med | 6.1 | >= 11.0.0, < 12.5.9 | 12.5.9 | Feb 5, 2020 | GitLab EE 11.0 and later through 12.7.2 allows XSS. | |
| CVE-2020-7969 | Hig | 7.5 | >= 8.0.0, < 12.5.9 | 12.5.9 | Feb 5, 2020 | GitLab EE 8.0 and later through 12.7.2 allows Information Disclosure. | |
| CVE-2020-7968 | Hig | 7.5 | < 12.5.9 | 12.5.9 | Feb 5, 2020 | GitLab EE 8.0 through 12.7.2 has Incorrect Access Control. | |
| CVE-2020-7967 | Med | 4.3 | >= 12.0.0, < 12.7.3 | 12.7.3 | Feb 5, 2020 | GitLab EE 8.0 through 12.7.2 has Insecure Permissions (issue 1 of 2). | |
| CVE-2020-7966 | Hig | 7.5 | >= 11.11.0, < 12.5.9 | 12.5.9 | Feb 5, 2020 | GitLab EE 11.11 and later through 12.7.2 allows Directory Traversal. | |
| CVE-2020-8114 | Cri | 9.8 | >= 8.9.0, < 12.5.9 | 12.5.9 | Feb 5, 2020 | GitLab EE 8.9 and later through 12.7.2 has Insecure Permission | |
| CVE-2020-7979 | Med | 5.3 | >= 8.9.0, < 12.5.9 | 12.5.9 | Feb 5, 2020 | GitLab EE 8.9 and later through 12.7.2 has Insecure Permission | |
| CVE-2020-6832 | Med | 5.3 | >= 8.9.0, < 12.6.2 | 12.6.2 | Jan 13, 2020 | An issue was discovered in GitLab Enterprise Edition (EE) 8.9.0 through 12.6.1. Using the project import feature, it was possible for someone to obtain issues from private projects. | |
| CVE-2020-5197 | Med | 4.3 | >= 5.1.0, < 12.6.2 | 12.6.2 | Jan 13, 2020 | An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 5.1 through 12.6.1. It has Incorrect Access Control. |
- affected >= 12.4.0, < 12.5.9fixed 12.5.9
GitLab EE 12.4 and later through 12.7.2 has Incorrect Access Control.
- affected >= 10.1.0, < 12.5.9fixed 12.5.9
GitLab EE 10.1 through 12.7.2 allows Information Disclosure.
- affected < 12.5.9fixed 12.5.9
GitLab through 12.7.2 allows XSS.
- affected >= 12.0.0, < 12.5.9fixed 12.5.9
GitLab EE 12.2 has Insecure Permissions (issue 2 of 2).
- affected >= 11.0.0, < 12.5.9fixed 12.5.9
GitLab EE 11.0 and later through 12.7.2 allows XSS.
- affected >= 8.0.0, < 12.5.9fixed 12.5.9
GitLab EE 8.0 and later through 12.7.2 allows Information Disclosure.
- affected < 12.5.9fixed 12.5.9
GitLab EE 8.0 through 12.7.2 has Incorrect Access Control.
- affected >= 12.0.0, < 12.7.3fixed 12.7.3
GitLab EE 8.0 through 12.7.2 has Insecure Permissions (issue 1 of 2).
- affected >= 11.11.0, < 12.5.9fixed 12.5.9
GitLab EE 11.11 and later through 12.7.2 allows Directory Traversal.
- affected >= 8.9.0, < 12.5.9fixed 12.5.9
GitLab EE 8.9 and later through 12.7.2 has Insecure Permission
- affected >= 8.9.0, < 12.5.9fixed 12.5.9
GitLab EE 8.9 and later through 12.7.2 has Insecure Permission
- affected >= 8.9.0, < 12.6.2fixed 12.6.2
An issue was discovered in GitLab Enterprise Edition (EE) 8.9.0 through 12.6.1. Using the project import feature, it was possible for someone to obtain issues from private projects.
- affected >= 5.1.0, < 12.6.2fixed 12.6.2
An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 5.1 through 12.6.1. It has Incorrect Access Control.
Page 54 of 54