Filtered by vendor Gitlab
Filtered by product Gitlab
Total: 1055 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2018-20493 | 1 Gitlab | 1 Gitlab | 2024-08-05 | 4.3 Medium |
An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It has Incorrect Access Control. | ||||
CVE-2018-20497 | 1 Gitlab | 1 Gitlab | 2024-08-05 | 5.0 Medium |
An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It allows SSRF. | ||||
CVE-2018-20489 | 1 Gitlab | 1 Gitlab | 2024-08-05 | 5.3 Medium |
An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It has Incorrect Access Control. | ||||
CVE-2018-20492 | 1 Gitlab | 1 Gitlab | 2024-08-05 | 5.3 Medium |
An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It has Incorrect Access Control (issue 2 of 6). | ||||
CVE-2018-20494 | 1 Gitlab | 1 Gitlab | 2024-08-05 | 7.5 High |
An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It has Incorrect Access Control. | ||||
CVE-2018-20500 | 1 Gitlab | 1 Gitlab | 2024-08-05 | N/A |
An insecure permissions issue was discovered in GitLab Community and Enterprise Edition 9.4 and later but before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. The runner registration token in the CI/CD settings could not be reset. This was a security risk if one of the maintainers leaves the group and they know the token. | ||||
CVE-2018-20488 | 1 Gitlab | 1 Gitlab | 2024-08-05 | 4.3 Medium |
An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It allows Information Exposure. | ||||
CVE-2018-20490 | 1 Gitlab | 1 Gitlab | 2024-08-05 | 5.4 Medium |
An issue was discovered in GitLab Community and Enterprise Edition 11.2.x through 11.4.x before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It allows XSS. | ||||
CVE-2018-20496 | 1 Gitlab | 1 Gitlab | 2024-08-05 | 5.4 Medium |
An issue was discovered in GitLab Community and Enterprise Edition 11.2.x through 11.4.x before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It allows XSS. | ||||
CVE-2018-20491 | 1 Gitlab | 1 Gitlab | 2024-08-05 | 5.4 Medium |
An issue was discovered in GitLab Enterprise Edition 11.3.x and 11.4.x before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It allows XSS. | ||||
CVE-2018-20501 | 1 Gitlab | 1 Gitlab | 2024-08-05 | 6.3 Medium |
An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It has Incorrect Access Control. | ||||
CVE-2018-20507 | 1 Gitlab | 1 Gitlab | 2024-08-05 | 5.3 Medium |
An issue was discovered in GitLab Enterprise Edition 11.2.x through 11.4.x before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It has Incorrect Access Control. | ||||
CVE-2018-20495 | 1 Gitlab | 1 Gitlab | 2024-08-05 | 5.3 Medium |
An issue was discovered in GitLab Community and Enterprise Edition 11.3.x and 11.4.x before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It allows Information Exposure. | ||||
CVE-2018-20499 | 1 Gitlab | 1 Gitlab | 2024-08-05 | 7.2 High |
An issue was discovered in GitLab Community and Enterprise Edition before 11.x before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It allows SSRF. | ||||
CVE-2018-20229 | 1 Gitlab | 1 Gitlab | 2024-08-05 | N/A |
GitLab Community and Enterprise Edition before 11.3.14, 11.4.x before 11.4.12, and 11.5.x before 11.5.5 allows Directory Traversal. | ||||
CVE-2018-20144 | 1 Gitlab | 1 Gitlab | 2024-08-05 | N/A |
GitLab Community and Enterprise Edition 11.x before 11.3.13, 11.4.x before 11.4.11, and 11.5.x before 11.5.4 has Incorrect Access Control. | ||||
CVE-2018-19856 | 1 Gitlab | 1 Gitlab | 2024-08-05 | N/A |
GitLab CE/EE before 11.3.12, 11.4.x before 11.4.10, and 11.5.x before 11.5.3 allows Directory Traversal in Templates API. | ||||
CVE-2018-19571 | 1 Gitlab | 1 Gitlab | 2024-08-05 | 7.7 High |
GitLab CE/EE, versions 8.18 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an SSRF vulnerability in webhooks. | ||||
CVE-2018-19576 | 1 Gitlab | 1 Gitlab | 2024-08-05 | N/A |
GitLab CE/EE, versions 8.6 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an access control issue that allows a Guest user to make changes to or delete their own comments on an issue, after the issue was made Confidential. | ||||
CVE-2018-19580 | 1 Gitlab | 1 Gitlab | 2024-08-05 | N/A |
All versions of GitLab prior to 11.5.1, 11.4.8, and 11.3.11 do not send an email to the old email address when an email address change is made. |