Vulnerabilities > Gitlab

DATE CVE VULNERABILITY TITLE RISK
2020-01-28 CVE-2019-15583 Information Exposure vulnerability in Gitlab
An information disclosure exists in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE).
network
low complexity
gitlab CWE-200
7.5
7.5
2020-01-28 CVE-2019-15582 Authorization Bypass Through User-Controlled Key vulnerability in Gitlab
An IDOR was discovered in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE) that allowed a maintainer to add any private group to a protected environment.
network
low complexity
gitlab CWE-639
5.3
5.3
2020-01-28 CVE-2019-15581 Authorization Bypass Through User-Controlled Key vulnerability in Gitlab
An IDOR exists in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE) that allowed a project owner or maintainer to see the members of any private group via merge request approval rules.
network
low complexity
gitlab CWE-639
5.3
5.3
2020-01-28 CVE-2019-15579 Unspecified vulnerability in Gitlab
An information disclosure exists in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE) where the assignee(s) of a confidential issue in a private project would be disclosed to a guest via milestones.
network
low complexity
gitlab
5.3
5.3
2020-01-28 CVE-2019-15578 Information Exposure vulnerability in Gitlab
An information disclosure exists in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE).
network
low complexity
gitlab CWE-200
5.3
5.3
2020-01-13 CVE-2019-20144 Unspecified vulnerability in Gitlab
An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 10.8 through 12.6.1.
network
low complexity
gitlab
4.3
4.3
2020-01-13 CVE-2019-20143 Missing Authentication for Critical Function vulnerability in Gitlab 12.6.0
An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 12.6.
network
low complexity
gitlab CWE-306
5.3
5.3
2020-01-13 CVE-2019-20142 Unspecified vulnerability in Gitlab
An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 12.3 through 12.6.1.
network
low complexity
gitlab
4.3
4.3
2020-01-13 CVE-2020-6832 Unspecified vulnerability in Gitlab
An issue was discovered in GitLab Enterprise Edition (EE) 8.9.0 through 12.6.1.
network
low complexity
gitlab
5.3
5.3
2020-01-13 CVE-2020-5197 Information Exposure vulnerability in Gitlab
An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 5.1 through 12.6.1.
network
low complexity
gitlab CWE-200
4.3
4.3