Page 106 of 757 results (0.004 seconds)

CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0

GitLab Community Edition (CE) and Enterprise Edition (EE). 9.6 and later through 12.5 has Incorrect Access Control. GitLab Community Edition (CE) and Enterprise Edition (EE). Versiones 9.6 y posteriores hasta la versión 12.5, tiene un Control de Acceso Incorrecto. • https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released https://about.gitlab.com/blog/categories/releases https://gitlab.com/gitlab-org/gitlab/issues/12219 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

Gitlab Enterprise Edition (EE) 11.3 through 12.4.2 allows Directory Traversal. Gitlab Enterprise Edition (EE) versiones 11.3 hasta la versión 12.4.2, permite un Salto de Directorio. • https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released https://about.gitlab.com/blog/categories/releases • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

Gitlab Enterprise Edition (EE) before 12.5.1 has Insecure Permissions (issue 2 of 2). Gitlab Enterprise Edition (EE) versiones anteriores a la versión 12.5.1, tiene Permisos No Seguros • https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released https://about.gitlab.com/blog/categories/releases • CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

Gitlab Enterprise Edition (EE) before 12.5.1 has Insecure Permissions (issue 1 of 2). Gitlab Enterprise Edition (EE) versiones anteriores a la versíon 12.5.1, tiene Permisos No Seguros (problema 1 de 2). • https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released https://about.gitlab.com/blog/categories/releases • CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 5.4EPSS: 0%CPEs: 3EXPL: 0

GitLab EE 8.14 through 12.5, 12.4.3, and 12.3.6 allows XSS in group and profile fields. GitLab EE versiones 8.14 hasta la versión 12.5, 12.4.3 y 12.3.6, permite un ataque de tipo XSS en los campos group y profile. • https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released https://about.gitlab.com/blog/categories/releases https://gitlab.com/gitlab-org/gitlab/issues/31536 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •