Vulnerabilities > Gitlab

DATE CVE VULNERABILITY TITLE RISK
2019-05-17 CVE-2019-5883 Unspecified vulnerability in Gitlab
An Incorrect Access Control issue was discovered in GitLab Community and Enterprise Edition 6.0 and later but before 11.3.11, 11.4.x before 11.4.8, and 11.5.x before 11.5.1.
network
low complexity
gitlab
critical
9.1
2019-05-17 CVE-2018-20500 Incorrect Permission Assignment for Critical Resource vulnerability in Gitlab
An insecure permissions issue was discovered in GitLab Community and Enterprise Edition 9.4 and later but before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1.
network
low complexity
gitlab CWE-732
7.5
2019-05-17 CVE-2018-19585 CRLF Injection vulnerability in Gitlab
GitLab CE/EE versions 8.18 up to 11.x before 11.3.11, 11.4.x before 11.4.8, and 11.5.x before 11.5.1 have CRLF Injection in Project Mirroring when using the Git protocol.
network
low complexity
gitlab CWE-93
7.5
2019-05-16 CVE-2019-10112 Inadequate Encryption Strength vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2.
network
low complexity
gitlab CWE-326
7.5
2019-05-16 CVE-2019-10117 Open Redirect vulnerability in Gitlab
An Open Redirect issue was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2.
network
low complexity
gitlab CWE-601
6.1
2019-05-16 CVE-2019-10116 Incorrect Permission Assignment for Critical Resource vulnerability in Gitlab
An Insecure Permissions issue (issue 3 of 3) was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2.
network
low complexity
gitlab CWE-732
4.3
2019-05-16 CVE-2019-10115 Incorrect Permission Assignment for Critical Resource vulnerability in Gitlab
An Insecure Permissions issue (issue 2 of 3) was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2.
network
low complexity
gitlab CWE-732
6.5
2019-05-16 CVE-2019-10114 Information Exposure Through Discrepancy vulnerability in Gitlab
An Information Exposure issue (issue 2 of 2) was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2.
network
low complexity
gitlab CWE-203
7.5
2019-05-16 CVE-2019-10113 Resource Exhaustion vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2.
network
low complexity
gitlab CWE-400
7.5
2019-05-15 CVE-2019-10111 Cross-site Scripting vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2.
network
low complexity
gitlab CWE-79
5.4