Vulnerabilities > Gitlab > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-10 | CVE-2019-12444 | Cross-site Scripting vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition 8.9 through 11.11. | 6.1 |
| 2020-03-10 | CVE-2019-12442 | Cross-site Scripting vulnerability in Gitlab An issue was discovered in GitLab Enterprise Edition 11.7 through 11.11. | 6.1 |
| 2020-03-10 | CVE-2019-12434 | Use of Insufficiently Random Values vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition 10.6 through 11.11. | 4.3 |
| 2020-03-10 | CVE-2019-12433 | Improper Input Validation vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition 11.7 through 11.11. | 5.3 |
| 2020-03-10 | CVE-2019-12432 | Information Exposure vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition 8.13 through 11.11. | 4.3 |
| 2020-03-10 | CVE-2019-12431 | Unspecified vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition 8.13 through 11.11. | 4.3 |
| 2020-03-10 | CVE-2019-12429 | Unspecified vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition 11.9 through 11.11. | 6.5 |
| 2020-02-17 | CVE-2019-12825 | Insecure Storage of Sensitive Information vulnerability in Gitlab Unauthorized Access to the Container Registry of other groups was discovered in GitLab Enterprise 12.0.0-pre. | 4.3 |
| 2020-02-14 | CVE-2019-15594 | Unspecified vulnerability in Gitlab GitLab 11.8 and later contains a security vulnerability that allows a user to obtain details of restricted pipelines via the merge request endpoint. | 4.3 |
| 2020-02-14 | CVE-2019-15592 | Unspecified vulnerability in Gitlab GitLab 12.2.2 and below contains a security vulnerability that allows a guest user in a private project to see the merge request ID associated to an issue via the activity timeline. | 4.3 |