CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2019-18446
https://notcve.org/view.php?id=CVE-2019-18446
26 Nov 2019 — An issue was discovered in GitLab Community and Enterprise Edition 8.15 through 12.4. It has Insecure Permissions (issue 1 of 2). Se detectó un problema en GitLab Community and Enterprise Edition versiones 8.15 hasta 12.4. Posee Permisos No Seguros (problema 1 de 2). • https://about.gitlab.com/blog/2019/10/30/security-release-gitlab-12-dot-4-dot-1-released • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2019-18447
https://notcve.org/view.php?id=CVE-2019-18447
26 Nov 2019 — An issue was discovered in GitLab Community and Enterprise Edition before 12.4. It has Insecure Permissions. Se detectó un problema en GitLab Community and Enterprise Edition versiones anteriores a 12.4. Posee Permisos No Seguros. • https://about.gitlab.com/blog/2019/10/30/security-release-gitlab-12-dot-4-dot-1-released • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2019-18448
https://notcve.org/view.php?id=CVE-2019-18448
26 Nov 2019 — An issue was discovered in GitLab Community and Enterprise Edition before 12.4. It has Incorrect Access Control. Se detectó un problema en GitLab Community and Enterprise Edition versiones anteriores a 12.4. Posee un Control de Acceso Incorrecto. • https://about.gitlab.com/blog/2019/10/30/security-release-gitlab-12-dot-4-dot-1-released •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2019-18449
https://notcve.org/view.php?id=CVE-2019-18449
26 Nov 2019 — An issue was discovered in GitLab Community and Enterprise Edition before 12.4 in the autocomplete feature. It has Insecure Permissions (issue 2 of 2). Se detectó un problema en GitLab Community and Enterprise Edition versiones anteriores a 12.4, en la funcionalidad autocomplete. Posee Permisos No Seguros (problema 2 de 2). • https://about.gitlab.com/blog/2019/10/30/security-release-gitlab-12-dot-4-dot-1-released • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2019-18450
https://notcve.org/view.php?id=CVE-2019-18450
26 Nov 2019 — An issue was discovered in GitLab Community and Enterprise Edition before 12.4 in the Project labels feature. It has Insecure Permissions. Se detectó un problema en GitLab Community and Enterprise Edition versiones anteriores a 12.4, en la funcionalidad Project labels. Posee Permisos No Seguros. • https://about.gitlab.com/blog/2019/10/30/security-release-gitlab-12-dot-4-dot-1-released • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2019-18451
https://notcve.org/view.php?id=CVE-2019-18451
26 Nov 2019 — An issue was discovered in GitLab Community and Enterprise Edition 10.7.4 through 12.4 in the InternalRedirect filtering feature. It has an Open Redirect. Se detectó un problema en GitLab Community and Enterprise Edition versiones 10.7.4 hasta 12.4, en la funcionalidad InternalRedirect filtering. Posee un Redireccionamiento Abierto. • https://about.gitlab.com/blog/2019/10/30/security-release-gitlab-12-dot-4-dot-1-released • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2019-18452
https://notcve.org/view.php?id=CVE-2019-18452
26 Nov 2019 — An issue was discovered in GitLab Community and Enterprise Edition 11.3 through 12.4 when moving an issue to a public project from a private one. It has Insecure Permissions. Se detectó un problema en GitLab Community and Enterprise Edition versiones 11.3 hasta 12.4, cuando se mueve un problema a un proyecto público desde uno privado. Posee Permisos No Seguros. • https://about.gitlab.com/blog/2019/10/30/security-release-gitlab-12-dot-4-dot-1-released • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2019-18453
https://notcve.org/view.php?id=CVE-2019-18453
26 Nov 2019 — An issue was discovered in GitLab Community and Enterprise Edition 11.6 through 12.4 in the add comments via email feature. It has Insecure Permissions. Se detectó un problema en GitLab Community and Enterprise Edition versiones 11.6 hasta 12.4, en la funcionalidad add comments via email. Posee Permisos No Seguros. • https://about.gitlab.com/blog/2019/10/30/security-release-gitlab-12-dot-4-dot-1-released • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2019-18454
https://notcve.org/view.php?id=CVE-2019-18454
26 Nov 2019 — An issue was discovered in GitLab Community and Enterprise Edition 10.5 through 12.4 in link validation for RDoc wiki pages feature. It has XSS. Se detectó un problema en GitLab Community and Enterprise Edition versiones 10.5 hasta 12.4, en la comprobación de enlaces para la funcionalidad de páginas RDoc wiki. Presenta una vulnerabilidad de tipo XSS. • https://about.gitlab.com/blog/2019/10/30/security-release-gitlab-12-dot-4-dot-1-released • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2019-18455
https://notcve.org/view.php?id=CVE-2019-18455
26 Nov 2019 — An issue was discovered in GitLab Community and Enterprise Edition 11 through 12.4 when building Nested GraphQL queries. It has a large or infinite loop. Se detectó un problema en GitLab Community and Enterprise Edition versiones 11 hasta 12.4, cuando se construyen consultas GraphQL anidadas. Posee un bucle grande o infinito. • https://about.gitlab.com/blog/2019/10/30/security-release-gitlab-12-dot-4-dot-1-released • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •