Vulnerabilities > Gitlab > Gitlab > 12.4.3

DATE CVE VULNERABILITY TITLE RISK
2020-01-03 CVE-2019-19256 Information Exposure vulnerability in Gitlab
GitLab Enterprise Edition (EE) 12.2 and later through 12.5 has Incorrect Access Control.
network
low complexity
gitlab CWE-200
5.0
5.0
2020-01-03 CVE-2019-19255 Unspecified vulnerability in Gitlab
GitLab Enterprise Edition (EE) 12.3 and later through 12.5 has Incorrect Access Control.
network
low complexity
gitlab
4.0
4.0
2020-01-03 CVE-2019-19311 Cross-site Scripting vulnerability in Gitlab
GitLab EE 8.14 through 12.5, 12.4.3, and 12.3.6 allows XSS in group and profile fields.
network
gitlab CWE-79
3.5
3.5
2020-01-03 CVE-2019-19254 Information Exposure vulnerability in Gitlab
GitLab Community Edition (CE) and Enterprise Edition (EE).
network
low complexity
gitlab CWE-200
5.0
5.0
2020-01-03 CVE-2019-19088 Path Traversal vulnerability in Gitlab
Gitlab Enterprise Edition (EE) 11.3 through 12.4.2 allows Directory Traversal.
network
low complexity
gitlab CWE-22
7.5
7.5
2020-01-03 CVE-2019-19087 Incorrect Permission Assignment for Critical Resource vulnerability in Gitlab
Gitlab Enterprise Edition (EE) before 12.5.1 has Insecure Permissions (issue 2 of 2).
network
low complexity
gitlab CWE-732
4.0
4.0
2020-01-03 CVE-2019-19086 Incorrect Permission Assignment for Critical Resource vulnerability in Gitlab
Gitlab Enterprise Edition (EE) before 12.5.1 has Insecure Permissions (issue 1 of 2).
network
low complexity
gitlab CWE-732
4.0
4.0