VYPR

GitLab

by GitLab Inc.

CVEs (1,214)

  • CVE-2019-15586 | Jan 28, 2020
    risk 0.00 | cvss | epss 0.01

    An XSS exists in GitLab CE/EE < 12.1.10 in the Mermaid plugin.

  • CVE-2019-20143 | Jan 13, 2020
    risk 0.00 | cvss | epss 0.01

    An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 12.6. It has Incorrect Access Control.

  • CVE-2019-20146 | Jan 13, 2020
    risk 0.00 | cvss | epss 0.01

    An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 11.0 through 12.6. It allows Uncontrolled Resource Consumption.

  • CVE-2019-20148 | Jan 13, 2020
    risk 0.00 | cvss | epss 0.01

    An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 8.13 through 12.6.1. It has Incorrect Access Control.

  • CVE-2020-5197 | Jan 13, 2020
    risk 0.00 | cvss | epss 0.01

    An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 5.1 through 12.6.1. It has Incorrect Access Control.

  • CVE-2019-19260 | Jan 3, 2020
    risk 0.00 | cvss | epss 0.01

    GitLab Community Edition (CE) and Enterprise Edition (EE) through 12.5 has Incorrect Access Control (issue 2 of 2).

  • CVE-2018-20490 | Dec 30, 2019
    risk 0.00 | cvss | epss 0.01

    An issue was discovered in GitLab Community and Enterprise Edition 11.2.x through 11.4.x before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It allows XSS.

  • CVE-2018-20493 | Dec 30, 2019
    risk 0.00 | cvss | epss 0.01

    An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It has Incorrect Access Control.

  • CVE-2018-20496 | Dec 30, 2019
    risk 0.00 | cvss | epss 0.01

    An issue was discovered in GitLab Community and Enterprise Edition 11.2.x through 11.4.x before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It allows XSS.

  • CVE-2019-15584 | Dec 20, 2019
    risk 0.00 | cvss | epss 0.01

    A denial of service exists in GitLab <v12.3.2, <v12.2.6, and <v12.1.10 that would let an attacker bypass input validation in markdown fields and take down the affected page.

  • CVE-2019-15589 | Dec 18, 2019
    risk 0.00 | cvss | epss 0.01

    An improper access control vulnerability exists in GitLab <v12.3.2, <v12.2.6, <v12.1.12 which would allow a blocked user to use Git clone and pull if they had obtained a CI/CD token before.

  • CVE-2019-5487 | Dec 18, 2019
    risk 0.00 | cvss | epss 0.01

    An improper access control vulnerability exists in GitLab EE <v12.3.3, <v12.2.7, & <v12.1.13 that allowed the group search feature with Elasticsearch to return private code, merge requests and commits.

  • CVE-2019-5469 | Dec 18, 2019
    risk 0.00 | cvss | epss 0.01

    An IDOR vulnerability exists in GitLab <v12.1.2, <v12.0.4, and <v11.11.6 that allowed uploading files from a project archive to replace other users' files, potentially allowing an attacker to replace project binaries or other uploaded assets.

  • CVE-2019-15580 | Dec 18, 2019
    risk 0.00 | cvss | epss 0.01

    An information exposure vulnerability exists in gitlab.com <v12.3.2, <v12.2.6, and <v12.1.10 when using the blocking merge request feature, it was possible for an unauthenticated user to see the head pipeline data of a public project even though pipeline visibility was…

  • CVE-2019-15591 | Dec 18, 2019
    risk 0.00 | cvss | epss 0.01

    An improper access control vulnerability exists in GitLab <12.3.3 that allows an attacker to obtain container and dependency scanning reports through the merge request widget even though public pipelines were disabled.

  • CVE-2019-18448 | Nov 26, 2019
    risk 0.00 | cvss | epss 0.01

    An issue was discovered in GitLab Community and Enterprise Edition before 12.4. It has Incorrect Access Control.

  • CVE-2019-18449 | Nov 26, 2019
    risk 0.00 | cvss | epss 0.01

    An issue was discovered in GitLab Community and Enterprise Edition before 12.4 in the autocomplete feature. It has Insecure Permissions (issue 2 of 2).

  • CVE-2019-18450 | Nov 26, 2019
    risk 0.00 | cvss | epss 0.01

    An issue was discovered in GitLab Community and Enterprise Edition before 12.4 in the Project labels feature. It has Insecure Permissions.

  • CVE-2019-18452 | Nov 26, 2019
    risk 0.00 | cvss | epss 0.01

    An issue was discovered in GitLab Community and Enterprise Edition 11.3 through 12.4 when moving an issue to a public project from a private one. It has Insecure Permissions.

  • CVE-2019-18453 | Nov 26, 2019
    risk 0.00 | cvss | epss 0.01

    An issue was discovered in GitLab Community and Enterprise Edition 11.6 through 12.4 in the add comments via email feature. It has Insecure Permissions.
