Vulnerabilities > Gitlab > High

DATE CVE VULNERABILITY TITLE RISK
2019-05-17 CVE-2018-20500 Incorrect Permission Assignment for Critical Resource vulnerability in Gitlab
An insecure permissions issue was discovered in GitLab Community and Enterprise Edition 9.4 and later but before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1.
network
low complexity
gitlab CWE-732
7.5
7.5
2019-05-17 CVE-2018-19585 CRLF Injection vulnerability in Gitlab
GitLab CE/EE versions 8.18 up to 11.x before 11.3.11, 11.4.x before 11.4.8, and 11.5.x before 11.5.1 have CRLF Injection in Project Mirroring when using the Git protocol.
network
low complexity
gitlab CWE-93
7.5
7.5
2019-05-16 CVE-2019-10112 Inadequate Encryption Strength vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2.
network
low complexity
gitlab CWE-326
7.5
7.5
2019-05-16 CVE-2019-10114 Information Exposure Through Discrepancy vulnerability in Gitlab
An Information Exposure issue (issue 2 of 2) was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2.
network
low complexity
gitlab CWE-203
7.5
7.5
2019-05-16 CVE-2019-10113 Resource Exhaustion vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2.
network
low complexity
gitlab CWE-400
7.5
7.5
2019-05-15 CVE-2019-10640 Command Injection vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition before 11.7.10, 11.8.x before 11.8.6, and 11.9.x before 11.9.4.
network
low complexity
gitlab CWE-77
7.5
7.5
2019-04-25 CVE-2018-19359 Unspecified vulnerability in Gitlab
GitLab Community and Enterprise Edition 8.9 and later and before 11.5.0-rc12, 11.4.6, and 11.3.10 has Incorrect Access Control.
network
low complexity
gitlab
8.8
8.8
2019-04-17 CVE-2019-9223 Information Exposure Through an Error Message vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1.
network
low complexity
gitlab CWE-209
7.5
7.5
2019-04-17 CVE-2019-9222 Incorrect Permission Assignment for Critical Resource vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1.
network
low complexity
gitlab CWE-732
8.1
8.1
2019-04-17 CVE-2019-9220 Resource Exhaustion vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1.
network
low complexity
gitlab CWE-400
7.5
7.5