CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2020-7974
https://notcve.org/view.php?id=CVE-2020-7974
05 Feb 2020 — GitLab EE 10.1 through 12.7.2 allows Information Disclosure. GitLab EE versiones 10.1 hasta 12.7.2, permite una Divulgación de Información. • https://about.gitlab.com/blog/categories/releases •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2020-7977
https://notcve.org/view.php?id=CVE-2020-7977
05 Feb 2020 — GitLab EE 8.8 and later through 12.7.2 has Insecure Permissions. GitLab EE versiones 8.8 y posteriores hasta 12.7.2, presenta Permisos No Seguros. • https://about.gitlab.com/blog/categories/releases • CWE-276: Incorrect Default Permissions •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2020-7979
https://notcve.org/view.php?id=CVE-2020-7979
05 Feb 2020 — GitLab EE 8.9 and later through 12.7.2 has Insecure Permission GitLab EE versiones 8.9 y posteriores hasta 12.7.2, presenta Permisos No Seguros. • https://about.gitlab.com/blog/categories/releases • CWE-276: Incorrect Default Permissions •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2020-8114
https://notcve.org/view.php?id=CVE-2020-8114
05 Feb 2020 — GitLab EE 8.9 and later through 12.7.2 has Insecure Permission GitLab EE versiones 8.9 y posteriores hasta 12.7.2, presenta Permisos No Seguros. • https://about.gitlab.com/releases/2020/01/30/security-release-gitlab-12-7-4-released • CWE-276: Incorrect Default Permissions •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2013-4582
https://notcve.org/view.php?id=CVE-2013-4582
28 Jan 2020 — The (1) create_branch, (2) create_tag, (3) import_project, and (4) fork_project functions in lib/gitlab_projects.rb in GitLab 5.0 before 5.4.2, Community Edition before 6.2.4, Enterprise Edition before 6.2.1 and gitlab-shell before 1.7.8 allows remote authenticated users to include information from local files into the metadata of a Git repository via the web interface. Las funciones (1) create_branch, (2) create_tag, (3) import_project y (4) fork_project en el archivo lib/gitlab_projects.rb en GitLab versi... • http://www.openwall.com/lists/oss-security/2013/11/15/4 • CWE-829: Inclusion of Functionality from Untrusted Control Sphere •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2013-4583
https://notcve.org/view.php?id=CVE-2013-4583
28 Jan 2020 — The parse_cmd function in lib/gitlab_shell.rb in GitLab 5.0 before 5.4.2, Community Edition before 6.2.4, and Enterprise Edition before 6.2.1 and gitlab-shell before 1.7.8 allows remote authenticated users to gain privileges and clone arbitrary repositories. La función parse_cmd en el archivo lib/gitlab_shell.rb en GitLab versiones 5.0 anteriores a 5.4.2, Community Edition versiones anteriores a 6.2.4 y Enterprise Edition versiones anteriores a 6.2.1 y gitlab-shell versiones anteriores a 1.7.8, permite a us... • http://www.openwall.com/lists/oss-security/2013/11/15/4 • CWE-269: Improper Privilege Management •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 1CVE-2019-5465
https://notcve.org/view.php?id=CVE-2019-5465
28 Jan 2020 — An information disclosure issue was discovered in GitLab CE/EE 8.14 and later, by using the move issue feature which could result in disclosure of the newly created issue ID. Se detectó un problema de divulgación de información en GitLab CE/EE versiones 8.14 y posteriores, mediante el uso de la funcionalidad move issue lo que podría resultar en la divulgación del ID de un problema creado recientemente. • https://about.gitlab.com/releases/2019/07/29/security-release-gitlab-12-dot-1-dot-2-released • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1CVE-2019-5462
https://notcve.org/view.php?id=CVE-2019-5462
28 Jan 2020 — A privilege escalation issue was discovered in GitLab CE/EE 9.0 and later when trigger tokens are not rotated once ownership of them has changed. Se detectó un problema de escalada de privilegios en GitLab CE/EE versiones 9.0 y posteriores, cuando los tokens de activación no son rotados una vez que la propiedad de ellos ha cambiado. • https://about.gitlab.com/releases/2019/07/29/security-release-gitlab-12-dot-1-dot-2-released • CWE-613: Insufficient Session Expiration •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2019-20147
https://notcve.org/view.php?id=CVE-2019-20147
13 Jan 2020 — An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 9.1 through 12.6.1. It has Incorrect Access Control. Se descubrió un problema en GitLab Community Edition (CE) and Enterprise Edition (EE) versiones 9.1 hasta la versión 12.6.1. tiene un Control de Acceso Incorrecto. • https://about.gitlab.com/blog/categories/releases •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2019-20148
https://notcve.org/view.php?id=CVE-2019-20148
13 Jan 2020 — An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 8.13 through 12.6.1. It has Incorrect Access Control. Se descubrió un problema en GitLab Community Edition (CE) and Enterprise Edition (EE) versiones 8.13 hasta la versión 12.6.1. Tiene un Control de Acceso Incorrecto. • https://about.gitlab.com/blog/categories/releases •