Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:gitlab:gitlab:12.4.3:*:*:*:enterprise:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2019-19258 |
GitLab Enterprise Edition (EE) 10.8 and later through 12.5 has Incorrect Access Control. Published: January 03, 2020; 12:15:11 PM -0500 |
V4.0:(not available) V3.1: 5.3 MEDIUM V2.0: 5.0 MEDIUM |
CVE-2019-19257 |
GitLab Community Edition (CE) and Enterprise Edition (EE) through 12.5 has Incorrect Access Control (issue 1 of 2). Published: January 03, 2020; 12:15:11 PM -0500 |
V4.0:(not available) V3.1: 5.3 MEDIUM V2.0: 5.0 MEDIUM |
CVE-2019-19256 |
GitLab Enterprise Edition (EE) 12.2 and later through 12.5 has Incorrect Access Control. Published: January 03, 2020; 12:15:11 PM -0500 |
V4.0:(not available) V3.1: 5.3 MEDIUM V2.0: 5.0 MEDIUM |
CVE-2019-19255 |
GitLab Enterprise Edition (EE) 12.3 and later through 12.5 has Incorrect Access Control. Published: January 03, 2020; 12:15:11 PM -0500 |
V4.0:(not available) V3.1: 4.3 MEDIUM V2.0: 4.0 MEDIUM |
CVE-2019-19311 |
GitLab EE 8.14 through 12.5, 12.4.3, and 12.3.6 allows XSS in group and profile fields. Published: January 03, 2020; 11:15:11 AM -0500 |
V4.0:(not available) V3.1: 5.4 MEDIUM V2.0: 3.5 LOW |
CVE-2019-19254 |
GitLab Community Edition (CE) and Enterprise Edition (EE). 9.6 and later through 12.5 has Incorrect Access Control. Published: January 03, 2020; 11:15:10 AM -0500 |
V4.0:(not available) V3.1: 5.3 MEDIUM V2.0: 5.0 MEDIUM |
CVE-2019-19088 |
Gitlab Enterprise Edition (EE) 11.3 through 12.4.2 allows Directory Traversal. Published: January 03, 2020; 11:15:10 AM -0500 |
V4.0:(not available) V3.1: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2019-19087 |
Gitlab Enterprise Edition (EE) before 12.5.1 has Insecure Permissions (issue 2 of 2). Published: January 03, 2020; 11:15:10 AM -0500 |
V4.0:(not available) V3.1: 4.3 MEDIUM V2.0: 4.0 MEDIUM |
CVE-2019-19086 |
Gitlab Enterprise Edition (EE) before 12.5.1 has Insecure Permissions (issue 1 of 2). Published: January 03, 2020; 11:15:10 AM -0500 |
V4.0:(not available) V3.1: 4.3 MEDIUM V2.0: 4.0 MEDIUM |
CVE-2019-6781 |
An Improper Input Validation issue was discovered in GitLab Community and Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. It was possible to use the profile name to inject a potentially malicious link into notification emails. Published: May 17, 2019; 12:29:05 PM -0400 |
V4.0:(not available) V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |