Vulnerabilities > Gitlab > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-12-30 CVE-2018-20507 Missing Authentication for Critical Function vulnerability in Gitlab
An issue was discovered in GitLab Enterprise Edition 11.2.x through 11.4.x before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1.
network
low complexity
gitlab CWE-306
5.3
5.3
2019-12-30 CVE-2018-20501 Missing Authorization vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1.
network
low complexity
gitlab CWE-862
6.3
6.3
2019-12-30 CVE-2018-20498 Incorrect Authorization vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1.
network
low complexity
gitlab CWE-863
4.3
4.3
2019-12-30 CVE-2018-20497 Server-Side Request Forgery (SSRF) vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1.
network
low complexity
gitlab CWE-918
5.0
5.0
2019-12-30 CVE-2018-20496 Cross-site Scripting vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition 11.2.x through 11.4.x before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1.
network
low complexity
gitlab CWE-79
5.4
5.4
2019-12-30 CVE-2018-20495 Information Exposure vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition 11.3.x and 11.4.x before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1.
network
low complexity
gitlab CWE-200
5.3
5.3
2019-12-30 CVE-2018-20493 Incorrect Authorization vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1.
network
low complexity
gitlab CWE-863
4.3
4.3
2019-12-30 CVE-2018-20491 Cross-site Scripting vulnerability in Gitlab
An issue was discovered in GitLab Enterprise Edition 11.3.x and 11.4.x before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1.
network
low complexity
gitlab CWE-79
5.4
5.4
2019-12-30 CVE-2018-20490 Cross-site Scripting vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition 11.2.x through 11.4.x before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1.
network
low complexity
gitlab CWE-79
5.4
5.4
2019-12-30 CVE-2018-20489 Improper Authentication vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1.
network
low complexity
gitlab CWE-287
5.3
5.3