CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-19261
https://notcve.org/view.php?id=CVE-2019-19261
GitLab Enterprise Edition (EE) 6.7 and later through 12.5 allows SSRF. GitLab Enterprise Edition (EE) versiones 6.7 y posteriores hasta la 12.5, permite un ataque de tipo SSRF. • https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released https://about.gitlab.com/blog/categories/releases • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2019-19260
https://notcve.org/view.php?id=CVE-2019-19260
GitLab Community Edition (CE) and Enterprise Edition (EE) through 12.5 has Incorrect Access Control (issue 2 of 2). GitLab Community Edition (CE) and Enterprise Edition (EE) versiones hasta la versión 12.5, tiene un Control de Acceso Incorrecto (problema 2 de 2). • https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released https://about.gitlab.com/blog/categories/releases •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2019-19257
https://notcve.org/view.php?id=CVE-2019-19257
GitLab Community Edition (CE) and Enterprise Edition (EE) through 12.5 has Incorrect Access Control (issue 1 of 2). GitLab Community Edition (CE) and Enterprise Edition (EE) versiones hasta la versión 12.5, tienen un Control de Acceso Incorrecto • https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released https://about.gitlab.com/blog/categories/releases •
CVSS: 5.3EPSS: 0%CPEs: 6EXPL: 0CVE-2018-20492
https://notcve.org/view.php?id=CVE-2018-20492
An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It has Incorrect Access Control (issue 2 of 6). Se detectó un problema en GitLab Community and Enterprise Edition versiones anteriores a 11.4.13, versiones 11.5.x anteriores a 11.5.6 y versiones 11.6.x anteriores a 11.6.1. Presenta un Control de Acceso Incorrecto (problema 2 de 6). • https://about.gitlab.com/2018/12/31/security-release-gitlab-11-dot-6-dot-1-released https://about.gitlab.com/blog/categories/releases • CWE-863: Incorrect Authorization •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 1CVE-2019-15584
https://notcve.org/view.php?id=CVE-2019-15584
A denial of service exists in gitlab <v12.3.2, <v12.2.6, and <v12.1.10 that would let an attacker bypass input validation in markdown fields take down the affected page. Se presenta una denegación de servicio en gitlab versiones anteriores a v12.3.2, versiones anteriores a v12.2.6 y versiones anteriores a v12.1.10, que permitiría a un atacante omitir la comprobación de entrada en los campos markdown para suspender la página afectada. • https://hackerone.com/reports/670572 • CWE-400: Uncontrolled Resource Consumption •