CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2019-18447
https://notcve.org/view.php?id=CVE-2019-18447
26 Nov 2019 — An issue was discovered in GitLab Community and Enterprise Edition before 12.4. It has Insecure Permissions. Se detectó un problema en GitLab Community and Enterprise Edition versiones anteriores a 12.4. Posee Permisos No Seguros. • https://about.gitlab.com/blog/2019/10/30/security-release-gitlab-12-dot-4-dot-1-released • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2019-18448
https://notcve.org/view.php?id=CVE-2019-18448
26 Nov 2019 — An issue was discovered in GitLab Community and Enterprise Edition before 12.4. It has Incorrect Access Control. Se detectó un problema en GitLab Community and Enterprise Edition versiones anteriores a 12.4. Posee un Control de Acceso Incorrecto. • https://about.gitlab.com/blog/2019/10/30/security-release-gitlab-12-dot-4-dot-1-released •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2019-18449
https://notcve.org/view.php?id=CVE-2019-18449
26 Nov 2019 — An issue was discovered in GitLab Community and Enterprise Edition before 12.4 in the autocomplete feature. It has Insecure Permissions (issue 2 of 2). Se detectó un problema en GitLab Community and Enterprise Edition versiones anteriores a 12.4, en la funcionalidad autocomplete. Posee Permisos No Seguros (problema 2 de 2). • https://about.gitlab.com/blog/2019/10/30/security-release-gitlab-12-dot-4-dot-1-released • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2019-18450
https://notcve.org/view.php?id=CVE-2019-18450
26 Nov 2019 — An issue was discovered in GitLab Community and Enterprise Edition before 12.4 in the Project labels feature. It has Insecure Permissions. Se detectó un problema en GitLab Community and Enterprise Edition versiones anteriores a 12.4, en la funcionalidad Project labels. Posee Permisos No Seguros. • https://about.gitlab.com/blog/2019/10/30/security-release-gitlab-12-dot-4-dot-1-released • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2019-18463
https://notcve.org/view.php?id=CVE-2019-18463
26 Nov 2019 — An issue was discovered in GitLab Community and Enterprise Edition through 12.4. It has Insecure Permissions (issue 4 of 4). Se detectó un problema en GitLab Community and Enterprise Edition versiones hasta 12.4. Posee Permisos No Seguros (problema 4 de 4). • https://about.gitlab.com/blog/2019/10/30/security-release-gitlab-12-dot-4-dot-1-released • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2019-15737
https://notcve.org/view.php?id=CVE-2019-15737
16 Sep 2019 — An issue was discovered in GitLab Community and Enterprise Edition through 12.2.1. Certain account actions needed improved authentication and session management. Se detectó un problema en GitLab Community and Enterprise Edition versiones hasta 12.2.1. Determinadas acciones de la cuenta necesitaban autenticación mejorada y administración de sesión. • https://about.gitlab.com/2019/08/29/security-release-gitlab-12-dot-2-dot-3-released •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2019-15736
https://notcve.org/view.php?id=CVE-2019-15736
16 Sep 2019 — An issue was discovered in GitLab Community and Enterprise Edition through 12.2.1. Under certain circumstances, CI pipelines could potentially be used in a denial of service attack. Se detectó un problema en GitLab Community and Enterprise Edition versiones hasta 12.2.1. Bajo ciertas circunstancias, las pipelines de CI podrían ser usadas potencialmente en un ataque de denegación de servicio. • https://about.gitlab.com/2019/08/29/security-release-gitlab-12-dot-2-dot-3-released • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 5.3EPSS: 0%CPEs: 6EXPL: 0CVE-2019-15726
https://notcve.org/view.php?id=CVE-2019-15726
16 Sep 2019 — An issue was discovered in GitLab Community and Enterprise Edition through 12.2.1. Embedded images and media files in markdown could be pointed to an arbitrary server, which would reveal the IP address of clients requesting the file from that server. Se descubrió un problema en GitLab Community and Enterprise Edition versiones hasta 12.2.1. Las imágenes y los archivos multimedia insertados en Markdown podrían ser apuntados hacia un servidor arbitrario, que revelaría la dirección IP de los clientes que solic... • https://about.gitlab.com/2019/08/29/security-release-gitlab-12-dot-2-dot-3-released •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2019-6791
https://notcve.org/view.php?id=CVE-2019-6791
09 Sep 2019 — An issue was discovered in GitLab Community and Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. It has Incorrect Access Control (issue 3 of 3). When a project with visibility more permissive than the target group is imported, it will retain its prior visibility. Se descubrió un problema en GitLab Community and Enterprise Edition versiones anteriores a 11.5.8, versiones 11.6.x anteriores a 11.6.6 y versiones 11.7.x anteriores a 11.7.1. Este presenta un Control de Acceso Inco... • https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released • CWE-281: Improper Preservation of Permissions •
CVSS: 5.8EPSS: 0%CPEs: 6EXPL: 1CVE-2019-6795
https://notcve.org/view.php?id=CVE-2019-6795
09 Sep 2019 — An issue was discovered in GitLab Community and Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. It has Insufficient Visual Distinction of Homoglyphs Presented to a User. IDN homographs and RTLO characters are rendered to unicode, which could be used for social engineering. Se detectó un problema en GitLab Community and Enterprise Edition versiones anteriores a 11.5.8, versiones 11.6.x anteriores a 11.6.6 y versiones 11.7.x anteriores a 11.7.1. Presenta una Distinción Visual... • https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released •