VYPR

GitLab

by GitLab Inc.

CVEs (1,214)

  • CVE-2018-18647 (Dec 4, 2018)
    risk 0.00 | cvss | epss 0.01

    An issue was discovered in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. It has Missing Authorization.

  • CVE-2018-18646 (Dec 4, 2018)
    risk 0.00 | cvss | epss 0.01

    An issue was discovered in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. It allows SSRF.

  • CVE-2018-18641 (Dec 4, 2018)
    risk 0.00 | cvss | epss 0.01

    An issue was discovered in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. It has Cleartext Storage of Sensitive Information.

  • CVE-2018-18645 (Dec 4, 2018)
    risk 0.00 | cvss | epss 0.01

    An issue was discovered in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. It allows for Information Exposure via unsubscribe links in email replies.

  • CVE-2018-18644 (Dec 4, 2018)
    risk 0.00 | cvss | epss 0.01

    An issue was discovered in GitLab Community and Enterprise Edition 11.x before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. It allows Information Exposure via a GitLab Prometheus integration.

  • CVE-2018-18843 (Dec 4, 2018)
    risk 0.00 | cvss | epss 0.02

    The Kubernetes integration in GitLab Enterprise Edition 11.x before 11.2.8, 11.3.x before 11.3.9, and 11.4.x before 11.4.4 has SSRF.

  • CVE-2018-18642 (Dec 4, 2018)
    risk 0.00 | cvss | epss 0.01

    An issue was discovered in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. It has XSS.

  • CVE-2018-17975 (Dec 4, 2018)
    risk 0.00 | cvss | epss 0.01

    An issue was discovered in GitLab Community Edition 11.x before 11.1.8, 11.2.x before 11.2.5, and 11.3.x before 11.3.2. There is Information Exposure via the GFM markdown API.

  • CVE-2018-18648 (Dec 4, 2018)
    risk 0.00 | cvss | epss 0.01

    An issue was discovered in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. It has Information Exposure Through an Error Message.

  • CVE-2013-4489 (May 17, 2014)
    risk 0.00 | cvss | epss 0.01

    The Grit gem for Ruby, as used in GitLab 5.2 before 5.4.1 and 6.x before 6.2.3, allows remote authenticated users to execute arbitrary commands, as demonstrated by the search box for the GitLab code search feature.

  • CVE-2014-3456 (May 13, 2014)
    risk 0.00 | cvss | epss 0.01

    Cross-site scripting (XSS) vulnerability in GitLab Enterprise Edition (EE) 6.6.0 before 6.6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2013-4546 (May 13, 2014)
    risk 0.00 | cvss | epss 0.02

    The repository import feature in gitlab-shell before 1.7.4, as used in GitLab, allows remote authenticated users to execute arbitrary commands via the import URL.

  • CVE-2013-4581 (May 12, 2014)
    risk 0.00 | cvss | epss 0.02

    GitLab 5.0 before 5.4.2, Community Edition before 6.2.4, Enterprise Edition before 6.2.1 and gitlab-shell before 1.7.8 allows remote attackers to execute arbitrary code via a crafted change using SSH.

  • CVE-2013-4580 (May 12, 2014)
    risk 0.00 | cvss | epss 0.01

    GitLab before 5.4.2, Community Edition before 6.2.4, and Enterprise Edition before 6.2.1, when using a MySQL backend, allows remote attackers to impersonate arbitrary users and bypass authentication via unspecified API calls.
