CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2020-7977
https://notcve.org/view.php?id=CVE-2020-7977
GitLab EE 8.8 and later through 12.7.2 has Insecure Permissions. GitLab EE versiones 8.8 y posteriores hasta 12.7.2, presenta Permisos No Seguros. • https://about.gitlab.com/blog/categories/releases https://about.gitlab.com/releases/2020/01/30/security-release-gitlab-12-7-4-released • CWE-276: Incorrect Default Permissions •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2020-7978
https://notcve.org/view.php?id=CVE-2020-7978
GitLab EE 12.6 and later through 12.7.2 allows Denial of Service. GitLab EE versiones 12.6 y posteriores hasta 12.7.2, permiten una Denegación de Servicio. • https://about.gitlab.com/blog/categories/releases https://about.gitlab.com/releases/2020/01/30/security-release-gitlab-12-7-4-released •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2020-7979
https://notcve.org/view.php?id=CVE-2020-7979
GitLab EE 8.9 and later through 12.7.2 has Insecure Permission GitLab EE versiones 8.9 y posteriores hasta 12.7.2, presenta Permisos No Seguros. • https://about.gitlab.com/blog/categories/releases https://about.gitlab.com/releases/2020/01/30/security-release-gitlab-12-7-4-released • CWE-276: Incorrect Default Permissions •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2020-8114
https://notcve.org/view.php?id=CVE-2020-8114
GitLab EE 8.9 and later through 12.7.2 has Insecure Permission GitLab EE versiones 8.9 y posteriores hasta 12.7.2, presenta Permisos No Seguros. • https://about.gitlab.com/releases/2020/01/30/security-release-gitlab-12-7-4-released https://about.gitlab.com/releases/categories/releases https://gitlab.com/gitlab-org/gitlab/issues/37468 • CWE-276: Incorrect Default Permissions •
CVSS: 5.3EPSS: 0%CPEs: 6EXPL: 0CVE-2019-15578
https://notcve.org/view.php?id=CVE-2019-15578
An information disclosure exists in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE). The path of a private project, that used to be public, would be disclosed in the unsubscribe email link of issues and merge requests. Se presenta una divulgación de información en versiones anteriores a 12.3.2, versiones anteriores a 12.2.6 y versiones anteriores a 12.1.12 para GitLab Community Edition (CE) y Enterprise Edition (EE). La ruta de un proyecto privado, que solía ser pública, sería divulgada en el enlace de correo electrónico de desafiliación de problemas y peticiones de fusión. • https://about.gitlab.com/blog/2019/09/30/security-release-gitlab-12-dot-3-dot-2-released https://hackerone.com/reports/650574 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •