Vulnerabilities > Gitlab
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-05 | CVE-2019-19314 | Cleartext Storage of Sensitive Information vulnerability in Gitlab GitLab EE 8.4 through 12.5, 12.4.3, and 12.3.6 stored several tokens in plaintext. | 7.5 |
| 2020-01-05 | CVE-2019-19313 | Improper Handling of Exceptional Conditions vulnerability in Gitlab GitLab EE 12.3 through 12.5, 12.4.3, and 12.3.6 allows Denial of Service. | 7.5 |
| 2020-01-05 | CVE-2019-19312 | Unspecified vulnerability in Gitlab GitLab EE 8.14 through 12.5, 12.4.3, and 12.3.6 has Incorrect Access Control. | 5.8 |
| 2020-01-03 | CVE-2019-19310 | Insufficiently Protected Credentials vulnerability in Gitlab GitLab Enterprise Edition (EE) 9.0 and later through 12.5 allows Information Disclosure. | 4.9 |
| 2020-01-03 | CVE-2019-19309 | Unspecified vulnerability in Gitlab GitLab Enterprise Edition (EE) 8.90 and later through 12.5 has Incorrect Access Control. | 4.3 |
| 2020-01-03 | CVE-2019-19263 | Incorrect Permission Assignment for Critical Resource vulnerability in Gitlab GitLab Enterprise Edition (EE) 8.2 and later through 12.5 has Insecure Permissions. | 4.3 |
| 2020-01-03 | CVE-2019-19262 | Incorrect Permission Assignment for Critical Resource vulnerability in Gitlab GitLab Enterprise Edition (EE) 11.9 and later through 12.5 has Insecure Permissions. | 4.3 |
| 2020-01-03 | CVE-2019-19261 | Server-Side Request Forgery (SSRF) vulnerability in Gitlab GitLab Enterprise Edition (EE) 6.7 and later through 12.5 allows SSRF. | 8.8 |
| 2020-01-03 | CVE-2019-19260 | Unspecified vulnerability in Gitlab GitLab Community Edition (CE) and Enterprise Edition (EE) through 12.5 has Incorrect Access Control (issue 2 of 2). | 5.4 |
| 2020-01-03 | CVE-2019-19259 | Authorization Bypass Through User-Controlled Key vulnerability in Gitlab GitLab Enterprise Edition (EE) 11.3 and later through 12.5 allows an Insecure Direct Object Reference (IDOR). | 4.3 |