| Max CVSS | 6.4 | Min CVSS | 3.5 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2018-19574 | 3.5 |
GitLab CE/EE, versions 7.6 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an XSS vulnerability in the OAuth authorization page.
|
01-03-2023 - 15:45 | 10-07-2019 - 16:15 | |
| CVE-2018-19571 | 4.0 |
GitLab CE/EE, versions 8.18 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an SSRF vulnerability in webhooks.
|
01-03-2023 - 15:45 | 10-07-2019 - 17:15 | |
| CVE-2018-19585 | 5.0 |
GitLab CE/EE versions 8.18 up to 11.x before 11.3.11, 11.4.x before 11.4.8, and 11.5.x before 11.5.1 have CRLF Injection in Project Mirroring when using the Git protocol.
|
24-12-2020 - 19:15 | 17-05-2019 - 16:29 | |
| CVE-2019-5883 | 6.4 |
An Incorrect Access Control issue was discovered in GitLab Community and Enterprise Edition 6.0 and later but before 11.3.11, 11.4.x before 11.4.8, and 11.5.x before 11.5.1. The issue comments feature could allow a user to comment on an issue which t
|
24-08-2020 - 17:37 | 17-05-2019 - 16:29 | |
| CVE-2018-19576 | 6.4 |
GitLab CE/EE, versions 8.6 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an access control issue that allows a Guest user to make changes to or delete their own comments on an issue, after the issue was made
|
11-07-2019 - 19:51 | 10-07-2019 - 16:15 |