Vulnerabilities > Gitlab > High

DATE CVE VULNERABILITY TITLE RISK
2019-07-10 CVE-2018-19571 Server-Side Request Forgery (SSRF) vulnerability in Gitlab
GitLab CE/EE, versions 8.18 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an SSRF vulnerability in webhooks.
network
low complexity
gitlab CWE-918
7.7
2019-05-29 CVE-2019-9732 Unspecified vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition 10.x (starting from 10.8) and 11.x before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1.
network
low complexity
gitlab
7.5
2019-05-29 CVE-2019-9485 Unspecified vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1.
network
low complexity
gitlab
7.5
2019-05-29 CVE-2019-9218 Unspecified vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1.
network
low complexity
gitlab
7.5
2019-05-17 CVE-2019-6781 Open Redirect vulnerability in Gitlab
An Improper Input Validation issue was discovered in GitLab Community and Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1.
network
low complexity
gitlab CWE-601
7.5
2019-04-17 CVE-2019-9756 Authorization Bypass Through User-Controlled Key vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition 10.x (starting from 10.8) and 11.x before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1.
network
low complexity
gitlab CWE-639
7.5
2019-04-17 CVE-2019-9217 Unspecified vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1.
network
low complexity
gitlab
7.5
2019-04-17 CVE-2019-9174 Server-Side Request Forgery (SSRF) vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1.
network
low complexity
gitlab CWE-918
7.5
2018-12-04 CVE-2018-18843 Server-Side Request Forgery (SSRF) vulnerability in Gitlab
The Kubernetes integration in GitLab Enterprise Edition 11.x before 11.2.8, 11.3.x before 11.3.9, and 11.4.x before 11.4.4 has SSRF.
network
low complexity
gitlab CWE-918
7.5
2018-11-29 CVE-2018-18649 Unspecified vulnerability in Gitlab
An issue was discovered in the wiki API in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3.
network
low complexity
gitlab
7.5