Vulnerabilities > Gitlab > Gitlab > 12.3.7

DATE CVE VULNERABILITY TITLE RISK
2020-01-13 CVE-2019-20144 Unspecified vulnerability in Gitlab
An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 10.8 through 12.6.1.
network
low complexity
gitlab
4.0
4.0
2020-01-13 CVE-2019-20142 Unspecified vulnerability in Gitlab
An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 12.3 through 12.6.1.
network
low complexity
gitlab
4.0
4.0
2020-01-13 CVE-2020-6832 Information Exposure vulnerability in Gitlab
An issue was discovered in GitLab Enterprise Edition (EE) 8.9.0 through 12.6.1.
network
low complexity
gitlab CWE-200
5.0
5.0
2020-01-13 CVE-2020-5197 Incorrect Authorization vulnerability in Gitlab
An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 5.1 through 12.6.1.
network
gitlab CWE-863
3.5
3.5
2020-01-13 CVE-2019-20148 Information Exposure vulnerability in Gitlab
An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 8.13 through 12.6.1.
network
gitlab CWE-200
4.3
4.3
2020-01-13 CVE-2019-20147 Information Exposure vulnerability in Gitlab
An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 9.1 through 12.6.1.
network
low complexity
gitlab CWE-200
5.0
5.0
2020-01-13 CVE-2019-20146 Resource Exhaustion vulnerability in Gitlab
An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 11.0 through 12.6.
network
low complexity
gitlab CWE-400
5.0
5.0
2020-01-13 CVE-2019-20145 Unspecified vulnerability in Gitlab
An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 11.4 through 12.6.1.
network
low complexity
gitlab
4.0
4.0
2020-01-05 CVE-2019-19629 Information Exposure vulnerability in Gitlab
In GitLab EE 10.5 through 12.5.3, 12.4.5, and 12.3.8, when transferring a public project to a private group, private code would be disclosed via the Group Search API provided by the Elasticsearch integration.
network
low complexity
gitlab CWE-200
5.0
5.0
2020-01-05 CVE-2019-19628 Path Traversal vulnerability in Gitlab
In GitLab EE 11.3 through 12.5.3, 12.4.5, and 12.3.8, insufficient parameter sanitization for the Maven package registry could lead to privilege escalation and remote code execution vulnerabilities under certain conditions.
network
low complexity
gitlab CWE-22
7.5
7.5