CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2020-6832
https://notcve.org/view.php?id=CVE-2020-6832
13 Jan 2020 — An issue was discovered in GitLab Enterprise Edition (EE) 8.9.0 through 12.6.1. Using the project import feature, it was possible for someone to obtain issues from private projects. Se descubrió un problema en GitLab Enterprise Edition (EE) versiones 8.9.0 hasta la versión 12.6.1. Usando la funcionalidad de importación de proyectos, fue posible que alguien obtuviera problemas a partir de proyectos privados. • https://about.gitlab.com/blog/categories/releases •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2019-19314
https://notcve.org/view.php?id=CVE-2019-19314
05 Jan 2020 — GitLab EE 8.4 through 12.5, 12.4.3, and 12.3.6 stored several tokens in plaintext. GitLab EE versiones 8.4 hasta 12.5, 12.4.3 y 12.3.6, almacenaron varios tokens en texto plano. • https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released • CWE-312: Cleartext Storage of Sensitive Information •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2019-19263
https://notcve.org/view.php?id=CVE-2019-19263
03 Jan 2020 — GitLab Enterprise Edition (EE) 8.2 and later through 12.5 has Insecure Permissions. GitLab Enterprise Edition (EE) versiones 8.2 y posteriores hasta la versíon 12.5, tiene Permisos No Seguros. • https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-19261
https://notcve.org/view.php?id=CVE-2019-19261
03 Jan 2020 — GitLab Enterprise Edition (EE) 6.7 and later through 12.5 allows SSRF. GitLab Enterprise Edition (EE) versiones 6.7 y posteriores hasta la 12.5, permite un ataque de tipo SSRF. • https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2019-19260
https://notcve.org/view.php?id=CVE-2019-19260
03 Jan 2020 — GitLab Community Edition (CE) and Enterprise Edition (EE) through 12.5 has Incorrect Access Control (issue 2 of 2). GitLab Community Edition (CE) and Enterprise Edition (EE) versiones hasta la versión 12.5, tiene un Control de Acceso Incorrecto (problema 2 de 2). • https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2019-19257
https://notcve.org/view.php?id=CVE-2019-19257
03 Jan 2020 — GitLab Community Edition (CE) and Enterprise Edition (EE) through 12.5 has Incorrect Access Control (issue 1 of 2). GitLab Community Edition (CE) and Enterprise Edition (EE) versiones hasta la versión 12.5, tienen un Control de Acceso Incorrecto • https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 1CVE-2018-20494
https://notcve.org/view.php?id=CVE-2018-20494
30 Dec 2019 — An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It has Incorrect Access Control. Se descubrió un problema en GitLab Community and Enterprise Edition versiones anteriores a la versión 11.4.13, versiones 11.5.x anteriores a la versión 11.5.6 y versiones 11.6.x anteriores a la versión 11.6.1. Tiene un Control de Acceso Incorrecto. • https://about.gitlab.com/2018/12/31/security-release-gitlab-11-dot-6-dot-1-released • CWE-863: Incorrect Authorization •
CVSS: 5.4EPSS: 0%CPEs: 6EXPL: 1CVE-2018-20496
https://notcve.org/view.php?id=CVE-2018-20496
30 Dec 2019 — An issue was discovered in GitLab Community and Enterprise Edition 11.2.x through 11.4.x before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It allows XSS. Se descubrió un problema en GitLab Community and Enterprise Edition versiones 11.2.x hasta 11.4.x anteriores a la versión 11.4.13, versiones 11.5.x anteriores a la versión 11.5.6 y versiones 11.6.x anteriores a la versión 11.6.1. Permite un ataque de tipo XSS. • https://about.gitlab.com/2018/12/31/security-release-gitlab-11-dot-6-dot-1-released • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.0EPSS: 0%CPEs: 6EXPL: 0CVE-2018-20497
https://notcve.org/view.php?id=CVE-2018-20497
30 Dec 2019 — An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It allows SSRF. Se descubrió un problema en GitLab Community and Enterprise Edition versiones anteriores a la versión 11.4.13, versiones 11.5.x anteriores a la versión 11.5.6 y versiones 11.6.x anteriores a la versión 11.6.1. Permite un ataque de tipo SSRF. • https://about.gitlab.com/2018/12/31/security-release-gitlab-11-dot-6-dot-1-released • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 4.3EPSS: 0%CPEs: 6EXPL: 0CVE-2018-20498
https://notcve.org/view.php?id=CVE-2018-20498
30 Dec 2019 — An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It has Incorrect Access Control. Se descubrió un problema en GitLab Community and Enterprise Edition versiones anteriores a la versión 11.4.13, versiones 11.5.x anteriores a la versión 11.5.6 y versiones 11.6.x anteriores a la versión 11.6.1. Tiene un Control de Acceso Incorrecto. • https://about.gitlab.com/2018/12/31/security-release-gitlab-11-dot-6-dot-1-released • CWE-863: Incorrect Authorization •