Vulnerabilities > Gitlab > Gitlab > 12.2.0

DATE CVE VULNERABILITY TITLE RISK
2020-01-28 CVE-2019-15581 Authorization Bypass Through User-Controlled Key vulnerability in Gitlab
An IDOR exists in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE) that allowed a project owner or maintainer to see the members of any private group via merge request approval rules.
network
low complexity
gitlab CWE-639
5.0
5.0
2020-01-28 CVE-2019-15579 Unspecified vulnerability in Gitlab
An information disclosure exists in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE) where the assignee(s) of a confidential issue in a private project would be disclosed to a guest via milestones.
network
low complexity
gitlab
5.0
5.0
2020-01-28 CVE-2019-15578 Information Exposure vulnerability in Gitlab
An information disclosure exists in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE).
network
low complexity
gitlab CWE-200
5.0
5.0
2020-01-13 CVE-2019-20144 Unspecified vulnerability in Gitlab
An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 10.8 through 12.6.1.
network
low complexity
gitlab
4.0
4.0
2020-01-13 CVE-2020-6832 Information Exposure vulnerability in Gitlab
An issue was discovered in GitLab Enterprise Edition (EE) 8.9.0 through 12.6.1.
network
low complexity
gitlab CWE-200
5.0
5.0
2020-01-13 CVE-2020-5197 Incorrect Authorization vulnerability in Gitlab
An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 5.1 through 12.6.1.
network
gitlab CWE-863
3.5
3.5
2020-01-13 CVE-2019-20148 Information Exposure vulnerability in Gitlab
An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 8.13 through 12.6.1.
network
gitlab CWE-200
4.3
4.3
2020-01-13 CVE-2019-20147 Information Exposure vulnerability in Gitlab
An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 9.1 through 12.6.1.
network
low complexity
gitlab CWE-200
5.0
5.0
2020-01-13 CVE-2019-20146 Resource Exhaustion vulnerability in Gitlab
An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 11.0 through 12.6.
network
low complexity
gitlab CWE-400
5.0
5.0
2020-01-13 CVE-2019-20145 Unspecified vulnerability in Gitlab
An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 11.4 through 12.6.1.
network
low complexity
gitlab
4.0
4.0