Vulnerabilities > Gitlab

DATE CVE VULNERABILITY TITLE RISK
2019-05-15 CVE-2019-10110 Incorrect Permission Assignment for Critical Resource vulnerability in Gitlab
An Insecure Permissions issue (issue 1 of 3) was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2.
network
low complexity
gitlab CWE-732
6.5
6.5
2019-05-15 CVE-2019-10109 Information Exposure vulnerability in Gitlab
An Information Exposure issue (issue 1 of 2) was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2.
network
low complexity
gitlab CWE-200
5.3
5.3
2019-05-15 CVE-2019-10108 Authorization Bypass Through User-Controlled Key vulnerability in Gitlab
An Incorrect Access Control (issue 1 of 2) was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2.
network
low complexity
gitlab CWE-639
5.4
5.4
2019-05-15 CVE-2019-10640 Command Injection vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition before 11.7.10, 11.8.x before 11.8.6, and 11.9.x before 11.9.4.
network
low complexity
gitlab CWE-77
7.5
7.5
2019-05-10 CVE-2019-11000 Unspecified vulnerability in Gitlab
An issue was discovered in GitLab Enterprise Edition before 11.7.11, 11.8.x before 11.8.7, and 11.9.x before 11.9.7.
network
low complexity
gitlab
6.5
6.5
2019-04-25 CVE-2018-19359 Unspecified vulnerability in Gitlab
GitLab Community and Enterprise Edition 8.9 and later and before 11.5.0-rc12, 11.4.6, and 11.3.10 has Incorrect Access Control.
network
low complexity
gitlab
8.8
8.8
2019-04-25 CVE-2018-18643 Cross-site Scripting vulnerability in Gitlab
GitLab CE & EE 11.2 and later and before 11.5.0-rc12, 11.4.6, and 11.3.10 have Persistent XSS.
network
low complexity
gitlab CWE-79
6.1
6.1
2019-04-17 CVE-2019-9890 Unspecified vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition 10.x and 11.x before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1.
network
low complexity
gitlab
critical
 9.1
9.1
2019-04-17 CVE-2019-9756 Authorization Bypass Through User-Controlled Key vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition 10.x (starting from 10.8) and 11.x before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1.
network
low complexity
gitlab CWE-639
critical
 9.8
9.8
2019-04-17 CVE-2019-9225 Information Exposure vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1.
network
low complexity
gitlab CWE-200
5.3
5.3