Vulnerabilities > Gitlab > Gitlab > 11.11.4
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-09-16 | CVE-2019-15726 | Information Exposure vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition through 12.2.1. | 5.0 |
2019-09-16 | CVE-2019-15724 | Cross-site Scripting vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition 11.10 through 12.2.1. | 4.3 |
2019-09-16 | CVE-2019-15722 | Allocation of Resources Without Limits or Throttling vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition 8.15 through 12.2.1. | 5.0 |
2019-09-16 | CVE-2019-15721 | Incorrect Permission Assignment for Critical Resource vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition 10.8 through 12.2.1. | 5.5 |
2019-09-16 | CVE-2019-16170 | Unspecified vulnerability in Gitlab An issue was discovered in GitLab Enterprise Edition 11.x and 12.x before 12.0.9, 12.1.x before 12.1.9, and 12.2.x before 12.2.5. | 5.5 |
2019-09-09 | CVE-2019-5471 | Cross-site Scripting vulnerability in Gitlab An input validation and output encoding issue was discovered in the GitLab email notification feature which could result in a persistent XSS. | 5.4 |
2019-09-09 | CVE-2019-5467 | Cross-site Scripting vulnerability in Gitlab An input validation and output encoding issue was discovered in the GitLab CE/EE wiki pages feature which could result in a persistent XSS. | 5.4 |
2019-09-09 | CVE-2019-5463 | Missing Authorization vulnerability in Gitlab An authorization issue was discovered in the GitLab CE/EE CI badge images endpoint which could result in disclosure of the build status. | 5.3 |
2019-09-09 | CVE-2019-5461 | Improper Input Validation vulnerability in Gitlab An input validation problem was discovered in the GitHub service integration which could result in an attacker being able to make arbitrary POST requests in a GitLab instance's internal network. | 4.0 |