Vulnerabilities > Gitlab

DATE CVE VULNERABILITY TITLE RISK
2019-12-30 CVE-2018-20496 Cross-site Scripting vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition 11.2.x through 11.4.x before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1.
network
low complexity
gitlab CWE-79
5.4
5.4
2019-12-30 CVE-2018-20495 Information Exposure vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition 11.3.x and 11.4.x before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1.
network
low complexity
gitlab CWE-200
5.3
5.3
2019-12-30 CVE-2018-20494 Incorrect Authorization vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1.
network
low complexity
gitlab CWE-863
7.5
7.5
2019-12-30 CVE-2018-20493 Incorrect Authorization vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1.
network
low complexity
gitlab CWE-863
4.3
4.3
2019-12-30 CVE-2018-20491 Cross-site Scripting vulnerability in Gitlab
An issue was discovered in GitLab Enterprise Edition 11.3.x and 11.4.x before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1.
network
low complexity
gitlab CWE-79
5.4
5.4
2019-12-30 CVE-2018-20490 Cross-site Scripting vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition 11.2.x through 11.4.x before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1.
network
low complexity
gitlab CWE-79
5.4
5.4
2019-12-30 CVE-2018-20489 Improper Authentication vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1.
network
low complexity
gitlab CWE-287
5.3
5.3
2019-12-30 CVE-2018-20488 Information Exposure vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1.
network
low complexity
gitlab CWE-200
4.3
4.3
2019-12-26 CVE-2018-20492 Incorrect Authorization vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1.
network
low complexity
gitlab CWE-863
5.3
5.3
2019-12-20 CVE-2019-15584 Resource Exhaustion vulnerability in Gitlab
A denial of service exists in gitlab <v12.3.2, <v12.2.6, and <v12.1.10 that would let an attacker bypass input validation in markdown fields take down the affected page.
network
low complexity
gitlab CWE-400
6.5
6.5