Vulnerabilities > Gitlab > Gitlab > 8.9.9

DATE CVE VULNERABILITY TITLE RISK
2019-04-17 CVE-2019-9171 Information Exposure vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1.
network
gitlab CWE-200
4.3
4.3
2019-04-17 CVE-2019-9170 Authorization Bypass Through User-Controlled Key vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1.
network
low complexity
gitlab CWE-639
5.0
5.0
2019-04-11 CVE-2019-6796 Cross-site Scripting vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1.
network
gitlab CWE-79
4.3
4.3
2019-04-04 CVE-2018-20229 Path Traversal vulnerability in Gitlab
GitLab Community and Enterprise Edition before 11.3.14, 11.4.x before 11.4.12, and 11.5.x before 11.5.5 allows Directory Traversal.
network
low complexity
gitlab CWE-22
5.0
5.0
2019-03-26 CVE-2018-19856 Path Traversal vulnerability in Gitlab
GitLab CE/EE before 11.3.12, 11.4.x before 11.4.10, and 11.5.x before 11.5.3 allows Directory Traversal in Templates API.
network
low complexity
gitlab CWE-22
5.0
5.0
2019-03-25 CVE-2019-6240 Path Traversal vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition before 11.4.
network
low complexity
gitlab CWE-22
5.0
5.0
2018-12-04 CVE-2018-18646 Server-Side Request Forgery (SSRF) vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3.
network
low complexity
gitlab CWE-918
6.5
6.5
2018-12-04 CVE-2018-18645 Information Exposure vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3.
network
gitlab CWE-200
4.3
4.3
2018-12-04 CVE-2018-18640 Information Exposure vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3.
network
low complexity
gitlab CWE-200
4.0
4.0
2018-08-03 CVE-2018-12607 Cross-site Scripting vulnerability in Gitlab
An issue was discovered in GitLab Community Edition and Enterprise Edition before 10.7.6, 10.8.x before 10.8.5, and 11.x before 11.0.1.
network
gitlab CWE-79
3.5
3.5