CVSS: 4.3EPSS: 0%CPEs: 6EXPL: 1CVE-2019-9171
https://notcve.org/view.php?id=CVE-2019-9171
17 Apr 2019 — An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It allows Information Exposure (issue 1 of 5). Se detecto un problema en GitLab Community and Enterprise Edition anterior a versión 11.6.10, versión 11.7.x anterior a 11.7.6 y versión 11.8.x anterior a 11.8.1. Permite la Exposición de Información (número 1 de 5). • https://about.gitlab.com/2019/03/04/security-release-gitlab-11-dot-8-dot-1-released • CWE-862: Missing Authorization •
CVSS: 9.1EPSS: 0%CPEs: 6EXPL: 0CVE-2019-9890
https://notcve.org/view.php?id=CVE-2019-9890
17 Apr 2019 — An issue was discovered in GitLab Community and Enterprise Edition 10.x and 11.x before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Insecure Permissions. Se descubrió un problema en GitLab Community and Enterprise Edition 10.xy 11.x antes de 11.6.10, 11.7.x antes de 11.7.6 y 11.8.x antes de 11.8.1. Tiene permisos inseguros. • https://about.gitlab.com/2019/03/04/security-release-gitlab-11-dot-8-dot-1-released •
CVSS: 4.3EPSS: 0%CPEs: 6EXPL: 1CVE-2019-9179
https://notcve.org/view.php?id=CVE-2019-9179
17 Apr 2019 — An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It allows Information Exposure (issue 5 of 5). Se detecto un problema en GitLab Community and Enterprise Edition anterior a versión 11.6.10, versión 11.7.x anterior a 11.7.6 y versión 11.8.x anterior a 11.8.1. Permite la Exposición de Información (problema 5 de 5). • https://about.gitlab.com/2019/03/04/security-release-gitlab-11-dot-8-dot-1-released • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 6EXPL: 1CVE-2019-9178
https://notcve.org/view.php?id=CVE-2019-9178
17 Apr 2019 — An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It allows Information Exposure (issue 4 of 5). Se detecto un problema en GitLab Community and Enterprise Edition anterior a versión 11.6.10, versión 11.7.x anterior a 11.7.6 y versión 11.8.x anterior a 11.8.1. Permite la Exposición de Información (problema 4 de 5). • https://about.gitlab.com/2019/03/04/security-release-gitlab-11-dot-8-dot-1-released •
CVSS: 5.3EPSS: 0%CPEs: 6EXPL: 0CVE-2019-9175
https://notcve.org/view.php?id=CVE-2019-9175
17 Apr 2019 — An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It allows Information Exposure (issue 3 of 5). Se detecto un problema en GitLab Community and Enterprise Edition anterior a versión 11.6.10, versión 11.7.x anterior a 11.7.6 y versión 11.8.x anterior a 11.8.1. Permite la Exposición de Información (problema 3 de 5). • https://about.gitlab.com/2019/03/04/security-release-gitlab-11-dot-8-dot-1-released • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 6EXPL: 1CVE-2019-9170
https://notcve.org/view.php?id=CVE-2019-9170
17 Apr 2019 — An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Incorrect Access Control. Se descubrió un problema en GitLab Community and Enterprise Edition antes de 11.6.10, 11.7.x antes de 11.7.6 y 11.8.x antes de 11.8.1. Tiene control de acceso incorrecto. • https://about.gitlab.com/2019/03/04/security-release-gitlab-11-dot-8-dot-1-released • CWE-639: Authorization Bypass Through User-Controlled Key •
CVSS: 5.9EPSS: 0%CPEs: 6EXPL: 1CVE-2019-9172
https://notcve.org/view.php?id=CVE-2019-9172
17 Apr 2019 — An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It allows Information Exposure (issue 2 of 5). Se detecto un problema en GitLab Community and Enterprise Edition anterior a versión 11.6.10, versión 11.7.x anterior a 11.7.6 y versión 11.8.x anterior a 11.8.1. Permite la Exposición de Información (número 2 de 5). • https://about.gitlab.com/2019/03/04/security-release-gitlab-11-dot-8-dot-1-released •
CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 0CVE-2019-9174
https://notcve.org/view.php?id=CVE-2019-9174
17 Apr 2019 — An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It allows SSRF. Se descubrió un problema en GitLab Community y Enterprise Edition versión anterior a 11.6.10,versión 11.7.x anterior a 11.7.6 y versión 11.8.x anterior a 11.8.1. Permite Server Side Request Forgery (SSRF). • https://about.gitlab.com/2019/03/04/security-release-gitlab-11-dot-8-dot-1-released • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2019-9176
https://notcve.org/view.php?id=CVE-2019-9176
17 Apr 2019 — An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It allows CSRF. Se descubrió un problema en GitLab Community y Enterprise Edition en la versión anterior a 11.6.10, versión 11.7.x anterior a 11.7.6 y versión 11.8.x anterior a 11.8.1. Permite Cross Site Request Forgery (CSRF). • https://about.gitlab.com/2019/03/04/security-release-gitlab-11-dot-8-dot-1-released • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 1CVE-2019-7155
https://notcve.org/view.php?id=CVE-2019-7155
16 Apr 2019 — An issue was discovered in GitLab Community and Enterprise Edition 9.x, 10.x, and 11.x before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. It has Incorrect Access Control. A user retains their role within a project in a private group after being removed from the group, if their privileges within the project are different from the group. Se detectó un problema en GitLab Community and Enterprise Edition versiones 9.x, 10.x, y 11.x en versiones anteriores a la 11.5.8, 11.6.x en versiones anteriores ... • https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released • CWE-269: Improper Privilege Management •