Vulnerabilities > Gitlab > Gitlab > 12.5.8

DATE CVE VULNERABILITY TITLE RISK
2020-02-05 CVE-2020-7977 Incorrect Default Permissions vulnerability in Gitlab
GitLab EE 8.8 and later through 12.7.2 has Insecure Permissions.
network
gitlab CWE-276
4.3
4.3
2020-02-05 CVE-2020-7976 Information Exposure vulnerability in Gitlab
GitLab EE 12.4 and later through 12.7.2 has Incorrect Access Control.
network
low complexity
gitlab CWE-200
5.0
5.0
2020-02-05 CVE-2020-7974 Information Exposure vulnerability in Gitlab
GitLab EE 10.1 through 12.7.2 allows Information Disclosure.
network
low complexity
gitlab CWE-200
5.0
5.0
2020-02-05 CVE-2020-7973 Cross-site Scripting vulnerability in Gitlab
GitLab through 12.7.2 allows XSS.
network
gitlab CWE-79
4.3
4.3
2020-02-05 CVE-2020-7972 Incorrect Default Permissions vulnerability in Gitlab
GitLab EE 12.2 has Insecure Permissions (issue 2 of 2).
network
low complexity
gitlab CWE-276
5.0
5.0
2020-02-05 CVE-2020-7971 Cross-site Scripting vulnerability in Gitlab
GitLab EE 11.0 and later through 12.7.2 allows XSS.
network
gitlab CWE-79
4.3
4.3
2020-02-05 CVE-2020-7969 Information Exposure vulnerability in Gitlab
GitLab EE 8.0 and later through 12.7.2 allows Information Disclosure.
network
low complexity
gitlab CWE-200
5.0
5.0
2020-02-05 CVE-2020-7968 Improper Authentication vulnerability in Gitlab
GitLab EE 8.0 through 12.7.2 has Incorrect Access Control.
network
low complexity
gitlab CWE-287
5.0
5.0
2020-02-05 CVE-2020-7967 Incorrect Default Permissions vulnerability in Gitlab
GitLab EE 8.0 through 12.7.2 has Insecure Permissions (issue 1 of 2).
network
low complexity
gitlab CWE-276
4.0
4.0
2020-02-05 CVE-2020-7966 Path Traversal vulnerability in Gitlab
GitLab EE 11.11 and later through 12.7.2 allows Directory Traversal.
network
low complexity
gitlab CWE-22
5.0
5.0