CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2019-18449
https://notcve.org/view.php?id=CVE-2019-18449
An issue was discovered in GitLab Community and Enterprise Edition before 12.4 in the autocomplete feature. It has Insecure Permissions (issue 2 of 2). Se detectó un problema en GitLab Community and Enterprise Edition versiones anteriores a 12.4, en la funcionalidad autocomplete. Posee Permisos No Seguros (problema 2 de 2). • https://about.gitlab.com/blog/2019/10/30/security-release-gitlab-12-dot-4-dot-1-released https://about.gitlab.com/blog/categories/releases • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2019-18450
https://notcve.org/view.php?id=CVE-2019-18450
An issue was discovered in GitLab Community and Enterprise Edition before 12.4 in the Project labels feature. It has Insecure Permissions. Se detectó un problema en GitLab Community and Enterprise Edition versiones anteriores a 12.4, en la funcionalidad Project labels. Posee Permisos No Seguros. • https://about.gitlab.com/blog/2019/10/30/security-release-gitlab-12-dot-4-dot-1-released https://about.gitlab.com/blog/categories/releases • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2019-18463
https://notcve.org/view.php?id=CVE-2019-18463
An issue was discovered in GitLab Community and Enterprise Edition through 12.4. It has Insecure Permissions (issue 4 of 4). Se detectó un problema en GitLab Community and Enterprise Edition versiones hasta 12.4. Posee Permisos No Seguros (problema 4 de 4). • https://about.gitlab.com/blog/2019/10/30/security-release-gitlab-12-dot-4-dot-1-released https://about.gitlab.com/blog/categories/releases • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 5.3EPSS: 0%CPEs: 6EXPL: 0CVE-2019-15740
https://notcve.org/view.php?id=CVE-2019-15740
An issue was discovered in GitLab Community and Enterprise Edition 7.9 through 12.2.1. EXIF Geolocation data was not being removed from certain image uploads. Se detectó un problema en GitLab Community and Enterprise Edition versiones 7.9 hasta 12.2.1. Los datos de geolocalización de EXIF no estaban siendo eliminados desde ciertas cargas de imágenes. • https://about.gitlab.com/2019/08/29/security-release-gitlab-12-dot-2-dot-3-released https://gitlab.com/gitlab-org/gitlab-ce/issues/61390 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.1EPSS: 0%CPEs: 6EXPL: 0CVE-2019-15739
https://notcve.org/view.php?id=CVE-2019-15739
An issue was discovered in GitLab Community and Enterprise Edition 8.1 through 12.2.1. Certain areas displaying Markdown were not properly sanitizing some XSS payloads. Se detectó un problema en GitLab Community and Enterprise Edition versiones 8.1 hasta 12.2.1. En ciertas áreas que muestran Markdown no fueron saneadas apropiadamente algunas cargas útiles de XSS. • https://about.gitlab.com/2019/08/29/security-release-gitlab-12-dot-2-dot-3-released https://gitlab.com/gitlab-org/gitlab-ce/issues/64033 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •