Vulnerabilities > Gitlab > Gitlab > 8.1.4

DATE CVE VULNERABILITY TITLE RISK
2019-12-18 CVE-2019-15576 Missing Authorization vulnerability in Gitlab
An information disclosure vulnerability exists in GitLab CE/EE <v12.3.2, <v12.2.6, and <v12.1.12 that allowed an attacker to view private system notes from a GraphQL endpoint.
network
low complexity
gitlab CWE-862
5.0
5.0
2019-12-18 CVE-2019-15575 Command Injection vulnerability in Gitlab
A command injection exists in GitLab CE/EE <v12.3.2, <v12.2.6, and <v12.1.12 that allowed an attacker to inject commands via the API through the blobs scope.
network
low complexity
gitlab CWE-77
5.0
5.0
2019-11-26 CVE-2019-18450 Incorrect Permission Assignment for Critical Resource vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition before 12.4 in the Project labels feature.
network
low complexity
gitlab CWE-732
4.0
4.0
2019-11-26 CVE-2019-18449 Incorrect Permission Assignment for Critical Resource vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition before 12.4 in the autocomplete feature.
network
low complexity
gitlab CWE-732
4.0
4.0
2019-11-26 CVE-2019-18448 Information Exposure vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition before 12.4.
network
low complexity
gitlab CWE-200
4.0
4.0
2019-11-26 CVE-2019-18447 Incorrect Permission Assignment for Critical Resource vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition before 12.4.
network
low complexity
gitlab CWE-732
4.0
4.0
2019-11-26 CVE-2019-18463 Incorrect Permission Assignment for Critical Resource vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition through 12.4.
network
low complexity
gitlab CWE-732
4.0
4.0
2019-09-16 CVE-2019-15740 Information Exposure vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition 7.9 through 12.2.1.
network
low complexity
gitlab CWE-200
5.0
5.0
2019-09-16 CVE-2019-15739 Cross-site Scripting vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition 8.1 through 12.2.1.
network
gitlab CWE-79
4.3
4.3
2019-09-16 CVE-2019-15737 Unspecified vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition through 12.2.1.
network
low complexity
gitlab
6.4
6.4