Vulnerabilities > Gitlab
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-09-09 | CVE-2019-11548 | Cross-site Scripting vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition before 11.8.9. | 3.5 |
2019-09-09 | CVE-2019-11547 | Cross-site Scripting vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition before 11.8.9, 11.9.x before 11.9.10, and 11.10.x before 11.10.2. | 4.3 |
2019-09-09 | CVE-2019-11546 | Race Condition vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition before 11.8.9, 11.9.x before 11.9.10, and 11.10.x before 11.10.2. | 3.5 |
2019-09-09 | CVE-2019-11545 | Information Exposure vulnerability in Gitlab An issue was discovered in GitLab Community Edition 11.9.x before 11.9.10 and 11.10.x before 11.10.2. | 4.0 |
2019-09-09 | CVE-2019-11544 | Unspecified vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition 8.x, 9.x, 10.x, and 11.x before 11.8.9, 11.9.x before 11.9.10, and 11.10.x before 11.10.2. | 4.0 |
2019-09-09 | CVE-2019-5473 | Improper Authentication vulnerability in Gitlab 12.0.4/12.1.2 An authentication issue was discovered in GitLab that allowed a bypass of email verification. | 7.2 |
2019-09-09 | CVE-2019-5471 | Cross-site Scripting vulnerability in Gitlab An input validation and output encoding issue was discovered in the GitLab email notification feature which could result in a persistent XSS. | 5.4 |
2019-09-09 | CVE-2019-5467 | Cross-site Scripting vulnerability in Gitlab An input validation and output encoding issue was discovered in the GitLab CE/EE wiki pages feature which could result in a persistent XSS. | 5.4 |
2019-09-09 | CVE-2019-5463 | Missing Authorization vulnerability in Gitlab An authorization issue was discovered in the GitLab CE/EE CI badge images endpoint which could result in disclosure of the build status. | 5.3 |
2019-09-09 | CVE-2019-5461 | Improper Input Validation vulnerability in Gitlab An input validation problem was discovered in the GitHub service integration which could result in an attacker being able to make arbitrary POST requests in a GitLab instance's internal network. | 4.0 |