Vulnerabilities > Gitlab > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-05-15 CVE-2019-10110 Incorrect Permission Assignment for Critical Resource vulnerability in Gitlab
An Insecure Permissions issue (issue 1 of 3) was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2.
network
low complexity
gitlab CWE-732
6.5
6.5
2019-05-15 CVE-2019-10109 Information Exposure vulnerability in Gitlab
An Information Exposure issue (issue 1 of 2) was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2.
network
low complexity
gitlab CWE-200
5.3
5.3
2019-05-15 CVE-2019-10108 Authorization Bypass Through User-Controlled Key vulnerability in Gitlab
An Incorrect Access Control (issue 1 of 2) was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2.
network
low complexity
gitlab CWE-639
5.4
5.4
2019-05-10 CVE-2019-11000 Unspecified vulnerability in Gitlab
An issue was discovered in GitLab Enterprise Edition before 11.7.11, 11.8.x before 11.8.7, and 11.9.x before 11.9.7.
network
low complexity
gitlab
6.5
6.5
2019-04-25 CVE-2018-18643 Cross-site Scripting vulnerability in Gitlab
GitLab CE & EE 11.2 and later and before 11.5.0-rc12, 11.4.6, and 11.3.10 have Persistent XSS.
network
low complexity
gitlab CWE-79
6.1
6.1
2019-04-17 CVE-2019-9225 Information Exposure vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1.
network
low complexity
gitlab CWE-200
5.3
5.3
2019-04-17 CVE-2019-9224 Missing Authorization vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1.
network
low complexity
gitlab CWE-862
5.3
5.3
2019-04-17 CVE-2019-9178 Unspecified vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1.
network
low complexity
gitlab
5.3
5.3
2019-04-17 CVE-2019-9176 Cross-Site Request Forgery (CSRF) vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1.
network
low complexity
gitlab CWE-352
6.5
6.5
2019-04-17 CVE-2019-9175 Information Exposure vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1.
network
low complexity
gitlab CWE-200
5.3
5.3