Vulnerabilities > Gitlab > Critical
DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
---|---|---|---|---|
2020-03-10 | CVE-2019-12443 | Server-Side Request Forgery (SSRF) vulnerability in GitLab | An issue was discovered in GitLab Community and Enterprise Edition 10.2 through 11.11. | 9.8 |
2020-03-10 | CVE-2019-12428 | Unspecified vulnerability in GitLab | An issue was discovered in GitLab Community and Enterprise Edition 6.8 through 11.11. | 9.8 |
2020-03-06 | CVE-2020-8113 | Improper Privilege Management vulnerability in GitLab | GitLab 10.7 and later through 12.7.2 has Incorrect Access Control. | 9.8 |
2020-02-05 | CVE-2020-8114 | Incorrect Default Permissions vulnerability in GitLab | GitLab EE 8.9 and later through 12.7.2 has Insecure Permission. | 9.8 |
2020-01-28 | CVE-2019-5464 | Server-Side Request Forgery (SSRF) vulnerability in GitLab | A flawed DNS rebinding protection issue was discovered in GitLab CE/EE 10.2 and later in `url_blocker.rb`, which could result in SSRF where the library is utilized. | 9.8 |
2020-01-28 | CVE-2019-15585 | Improper Authentication vulnerability in GitLab | Improper authentication exists in GitLab Community Edition (CE) and Enterprise Edition (EE) < 12.3.2, < 12.2.6, and < 12.1.12: the GitLab SAML integration had a validation issue that permitted an attacker to take over another user's account. | 9.8 |
2020-01-05 | CVE-2019-19628 | Path Traversal vulnerability in GitLab | In GitLab EE 11.3 through 12.5.3, 12.4.5, and 12.3.8, insufficient parameter sanitization for the Maven package registry could lead to privilege escalation and remote code execution vulnerabilities under certain conditions. | 9.8 |
2020-01-03 | CVE-2019-19088 | Path Traversal vulnerability in GitLab | GitLab Enterprise Edition (EE) 11.3 through 12.4.2 allows Directory Traversal. | 9.8 |
2019-09-16 | CVE-2019-15741 | Unspecified vulnerability in GitLab Omnibus | An issue was discovered in GitLab Omnibus 7.4 through 12.2.1. | 9.8 |
2019-09-09 | CVE-2019-6960 | Unspecified vulnerability in GitLab | An issue was discovered in GitLab Community and Enterprise Edition 9.x, 10.x, and 11.x before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. | 9.8 |