Vulnerabilities > Gitlab > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-28 | CVE-2019-5465 | Unspecified vulnerability in Gitlab An information disclosure issue was discovered in GitLab CE/EE 8.14 and later, by using the move issue feature which could result in disclosure of the newly created issue ID. | 4.3 |
| 2020-01-28 | CVE-2019-15586 | Cross-site Scripting vulnerability in Gitlab A XSS exists in Gitlab CE/EE < 12.1.10 in the Mermaid plugin. | 6.1 |
| 2020-01-28 | CVE-2019-15582 | Authorization Bypass Through User-Controlled Key vulnerability in Gitlab An IDOR was discovered in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE) that allowed a maintainer to add any private group to a protected environment. | 5.3 |
| 2020-01-28 | CVE-2019-15581 | Authorization Bypass Through User-Controlled Key vulnerability in Gitlab An IDOR exists in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE) that allowed a project owner or maintainer to see the members of any private group via merge request approval rules. | 5.3 |
| 2020-01-28 | CVE-2019-15579 | Unspecified vulnerability in Gitlab An information disclosure exists in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE) where the assignee(s) of a confidential issue in a private project would be disclosed to a guest via milestones. | 5.3 |
| 2020-01-28 | CVE-2019-15578 | Information Exposure vulnerability in Gitlab An information disclosure exists in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE). | 5.3 |
| 2020-01-13 | CVE-2019-20144 | Unspecified vulnerability in Gitlab An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 10.8 through 12.6.1. | 4.3 |
| 2020-01-13 | CVE-2019-20143 | Missing Authentication for Critical Function vulnerability in Gitlab 12.6.0 An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 12.6. | 5.3 |
| 2020-01-13 | CVE-2019-20142 | Unspecified vulnerability in Gitlab An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 12.3 through 12.6.1. | 4.3 |
| 2020-01-13 | CVE-2020-6832 | Unspecified vulnerability in Gitlab An issue was discovered in GitLab Enterprise Edition (EE) 8.9.0 through 12.6.1. | 5.3 |