Vulnerabilities > Incorrect Permission Assignment for Critical Resource
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-26 | CVE-2019-18452 | Incorrect Permission Assignment for Critical Resource vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition 11.3 through 12.4 when moving an issue to a public project from a private one. | 5.3 |
| 2019-11-26 | CVE-2019-18450 | Incorrect Permission Assignment for Critical Resource vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition before 12.4 in the Project labels feature. | 4.3 |
| 2019-11-26 | CVE-2019-18449 | Incorrect Permission Assignment for Critical Resource vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition before 12.4 in the autocomplete feature. | 4.3 |
| 2019-11-26 | CVE-2019-18447 | Incorrect Permission Assignment for Critical Resource vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition before 12.4. | 4.3 |
| 2019-11-26 | CVE-2019-18446 | Incorrect Permission Assignment for Critical Resource vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition 8.15 through 12.4. | 4.3 |
| 2019-11-26 | CVE-2019-18459 | Incorrect Permission Assignment for Critical Resource vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition 11.3 to 12.3 in the protected environments feature. | 5.3 |
| 2019-11-26 | CVE-2019-18463 | Incorrect Permission Assignment for Critical Resource vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition through 12.4. | 4.3 |
| 2019-11-26 | CVE-2019-18462 | Incorrect Permission Assignment for Critical Resource vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition 11.3 through 12.4. | 4.3 |
| 2019-11-25 | CVE-2019-13681 | Incorrect Permission Assignment for Critical Resource vulnerability in Google Chrome Insufficient data validation in downloads in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass download restrictions via a crafted HTML page. | 4.3 |
| 2019-11-25 | CVE-2019-13679 | Incorrect Permission Assignment for Critical Resource vulnerability in Google Chrome Insufficient policy enforcement in PDFium in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to show print dialogs via a crafted PDF file. | 3.3 |