| Max CVSS | 7.5 | Min CVSS | 3.5 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2019-19309 | 4.0 |
GitLab Enterprise Edition (EE) 8.90 and later through 12.5 has Incorrect Access Control.
|
21-07-2021 - 11:39 | 03-01-2020 - 17:15 | |
| CVE-2019-19312 | 5.0 |
GitLab EE 8.14 through 12.5, 12.4.3, and 12.3.6 has Incorrect Access Control. After a project changed to private, previously forked repositories were still able to get information about the private project through the API.
|
21-07-2021 - 11:39 | 05-01-2020 - 22:15 | |
| CVE-2019-19257 | 5.0 |
GitLab Community Edition (CE) and Enterprise Edition (EE) through 12.5 has Incorrect Access Control (issue 1 of 2).
|
21-07-2021 - 11:39 | 03-01-2020 - 17:15 | |
| CVE-2019-19313 | 5.0 |
GitLab EE 12.3 through 12.5, 12.4.3, and 12.3.6 allows Denial of Service. Certain characters were making it impossible to create, edit, or view issues and commits.
|
21-07-2021 - 11:39 | 05-01-2020 - 22:15 | |
| CVE-2019-19258 | 5.0 |
GitLab Enterprise Edition (EE) 10.8 and later through 12.5 has Incorrect Access Control.
|
21-07-2021 - 11:39 | 03-01-2020 - 17:15 | |
| CVE-2019-19255 | 4.0 |
GitLab Enterprise Edition (EE) 12.3 and later through 12.5 has Incorrect Access Control.
|
24-08-2020 - 17:37 | 03-01-2020 - 17:15 | |
| CVE-2019-19262 | 4.0 |
GitLab Enterprise Edition (EE) 11.9 and later through 12.5 has Insecure Permissions.
|
24-08-2020 - 17:37 | 03-01-2020 - 17:15 | |
| CVE-2019-19087 | 4.0 |
Gitlab Enterprise Edition (EE) before 12.5.1 has Insecure Permissions (issue 2 of 2).
|
24-08-2020 - 17:37 | 03-01-2020 - 16:15 | |
| CVE-2019-19263 | 4.0 |
GitLab Enterprise Edition (EE) 8.2 and later through 12.5 has Insecure Permissions.
|
24-08-2020 - 17:37 | 03-01-2020 - 17:15 | |
| CVE-2019-19260 | 5.5 |
GitLab Community Edition (CE) and Enterprise Edition (EE) through 12.5 has Incorrect Access Control (issue 2 of 2).
|
24-08-2020 - 17:37 | 03-01-2020 - 17:15 | |
| CVE-2019-19086 | 4.0 |
Gitlab Enterprise Edition (EE) before 12.5.1 has Insecure Permissions (issue 1 of 2).
|
24-08-2020 - 17:37 | 03-01-2020 - 16:15 | |
| CVE-2019-19314 | 5.0 |
GitLab EE 8.4 through 12.5, 12.4.3, and 12.3.6 stored several tokens in plaintext.
|
10-01-2020 - 17:54 | 05-01-2020 - 22:15 | |
| CVE-2019-19311 | 3.5 |
GitLab EE 8.14 through 12.5, 12.4.3, and 12.3.6 allows XSS in group and profile fields.
|
09-01-2020 - 20:43 | 03-01-2020 - 16:15 | |
| CVE-2019-19261 | 6.8 |
GitLab Enterprise Edition (EE) 6.7 and later through 12.5 allows SSRF.
|
09-01-2020 - 19:04 | 03-01-2020 - 17:15 | |
| CVE-2019-19310 | 4.0 |
GitLab Enterprise Edition (EE) 9.0 and later through 12.5 allows Information Disclosure.
|
08-01-2020 - 14:28 | 03-01-2020 - 17:15 | |
| CVE-2019-19259 | 4.0 |
GitLab Enterprise Edition (EE) 11.3 and later through 12.5 allows an Insecure Direct Object Reference (IDOR).
|
06-01-2020 - 21:48 | 03-01-2020 - 17:15 | |
| CVE-2019-19254 | 5.0 |
GitLab Community Edition (CE) and Enterprise Edition (EE). 9.6 and later through 12.5 has Incorrect Access Control.
|
06-01-2020 - 21:32 | 03-01-2020 - 16:15 | |
| CVE-2019-19256 | 5.0 |
GitLab Enterprise Edition (EE) 12.2 and later through 12.5 has Incorrect Access Control.
|
06-01-2020 - 21:08 | 03-01-2020 - 17:15 | |
| CVE-2019-19088 | 7.5 |
Gitlab Enterprise Edition (EE) 11.3 through 12.4.2 allows Directory Traversal.
|
06-01-2020 - 21:05 | 03-01-2020 - 16:15 |