Vulnerabilities > Gitlab > Gitlab > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-28 | CVE-2019-15585 | Improper Authentication vulnerability in Gitlab Improper authentication exists in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE) in the GitLab SAML integration had a validation issue that permitted an attacker to takeover another user's account. | 7.5 |
| 2020-01-05 | CVE-2019-19628 | Path Traversal vulnerability in Gitlab In GitLab EE 11.3 through 12.5.3, 12.4.5, and 12.3.8, insufficient parameter sanitization for the Maven package registry could lead to privilege escalation and remote code execution vulnerabilities under certain conditions. | 7.5 |
| 2020-01-03 | CVE-2019-19088 | Path Traversal vulnerability in Gitlab Gitlab Enterprise Edition (EE) 11.3 through 12.4.2 allows Directory Traversal. | 7.5 |
| 2019-09-09 | CVE-2019-6960 | Unspecified vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition 9.x, 10.x, and 11.x before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. | 7.5 |
| 2019-09-09 | CVE-2019-5473 | Improper Authentication vulnerability in Gitlab 12.0.4/12.1.2 An authentication issue was discovered in GitLab that allowed a bypass of email verification. | 7.2 |
| 2019-08-29 | CVE-2019-14943 | Use of Hard-coded Credentials vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition 12.0 through 12.1.4. | 7.5 |
| 2019-07-10 | CVE-2018-19571 | Server-Side Request Forgery (SSRF) vulnerability in Gitlab GitLab CE/EE, versions 8.18 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an SSRF vulnerability in webhooks. | 7.7 |
| 2019-05-29 | CVE-2019-9732 | Unspecified vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition 10.x (starting from 10.8) and 11.x before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. | 7.5 |
| 2019-05-29 | CVE-2019-9485 | Unspecified vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. | 7.5 |
| 2019-05-29 | CVE-2019-9218 | Unspecified vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. | 7.5 |