Vulnerabilities > Gitlab > Gitlab > 5.2.1

DATE CVE VULNERABILITY TITLE RISK
2019-12-18 CVE-2019-15580 Information Exposure vulnerability in Gitlab
An information exposure vulnerability exists in gitlab.com <v12.3.2, <v12.2.6, and <v12.1.10 when using the blocking merge request feature, it was possible for an unauthenticated user to see the head pipeline data of a public project even though pipeline visibility was restricted.
network
low complexity
gitlab CWE-200
4.0
4.0
2019-12-18 CVE-2019-15577 Improper Restriction of Excessive Authentication Attempts vulnerability in Gitlab
An information disclosure vulnerability exists in GitLab CE/EE <v12.3.2, <v12.2.6, and <v12.1.12 that allowed project milestones to be disclosed via groups browsing.
network
low complexity
gitlab CWE-307
4.0
4.0
2019-12-18 CVE-2019-15576 Missing Authorization vulnerability in Gitlab
An information disclosure vulnerability exists in GitLab CE/EE <v12.3.2, <v12.2.6, and <v12.1.12 that allowed an attacker to view private system notes from a GraphQL endpoint.
network
low complexity
gitlab CWE-862
5.0
5.0
2019-12-18 CVE-2019-15575 Command Injection vulnerability in Gitlab
A command injection exists in GitLab CE/EE <v12.3.2, <v12.2.6, and <v12.1.12 that allowed an attacker to inject commands via the API through the blobs scope.
network
low complexity
gitlab CWE-77
5.0
5.0
2019-11-26 CVE-2019-18450 Incorrect Permission Assignment for Critical Resource vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition before 12.4 in the Project labels feature.
network
low complexity
gitlab CWE-732
4.0
4.0
2019-11-26 CVE-2019-18449 Incorrect Permission Assignment for Critical Resource vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition before 12.4 in the autocomplete feature.
network
low complexity
gitlab CWE-732
4.0
4.0
2019-11-26 CVE-2019-18448 Information Exposure vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition before 12.4.
network
low complexity
gitlab CWE-200
4.0
4.0
2019-11-26 CVE-2019-18447 Incorrect Permission Assignment for Critical Resource vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition before 12.4.
network
low complexity
gitlab CWE-732
4.0
4.0
2019-11-26 CVE-2019-18463 Incorrect Permission Assignment for Critical Resource vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition through 12.4.
network
low complexity
gitlab CWE-732
4.0
4.0
2019-09-16 CVE-2019-15737 Unspecified vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition through 12.2.1.
network
low complexity
gitlab
6.4
6.4