CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2019-6791
https://notcve.org/view.php?id=CVE-2019-6791
An issue was discovered in GitLab Community and Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. It has Incorrect Access Control (issue 3 of 3). When a project with visibility more permissive than the target group is imported, it will retain its prior visibility. Se descubrió un problema en GitLab Community and Enterprise Edition versiones anteriores a 11.5.8, versiones 11.6.x anteriores a 11.6.6 y versiones 11.7.x anteriores a 11.7.1. Este presenta un Control de Acceso Incorrecto (problema 3 de 3). • https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released • CWE-281: Improper Preservation of Permissions •
CVSS: 4.3EPSS: 0%CPEs: 12EXPL: 1CVE-2019-7176
https://notcve.org/view.php?id=CVE-2019-7176
An issue was discovered in GitLab Community and Enterprise Edition 8.x (starting in 8.9), 9.x, 10.x, and 11.x before 11.5.9, 11.6.x before 11.6.7, and 11.7.x before 11.7.2. It has Incorrect Access Control. Guest users are able to add reaction emojis on comments to which they have no visibility. Se descubrió un problema en GitLab Community and Enterprise Edition versiones 8.x (a partir de 8.9), 9.x, 10.xy versiones 11.x anteriores a 11.5.9, versiones 11.6.x anteriores a 11.6.7 y versiones 11.7.x anteriores a 11.7 .2. Presenta un Control de Acceso Incorrecto. • https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released https://gitlab.com/gitlab-org/gitlab-ce/issues/51332 •
CVSS: 6.5EPSS: 0%CPEs: 12EXPL: 1CVE-2019-6995
https://notcve.org/view.php?id=CVE-2019-6995
An issue was discovered in GitLab Community and Enterprise Edition 8.x, 9.x, 10.x, and 11.x before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. It has Incorrect Access Control. Users are able to comment on locked project issues. Se detectó un problema en GitLab Community and Enterprise Edition 8.x, 9.x, 10.xy versiones 11.x anteriores a 11.5.8, versiones 11.6.x anteriores a 11.6.6 y versiones 11.7.x anteriores a 11.7.1. Presenta un Control de Acceso Incorrecto. • https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released https://gitlab.com/gitlab-org/gitlab-ce/issues/55537 • CWE-281: Improper Preservation of Permissions •
CVSS: 9.8EPSS: 0%CPEs: 10EXPL: 1CVE-2019-6960
https://notcve.org/view.php?id=CVE-2019-6960
An issue was discovered in GitLab Community and Enterprise Edition 9.x, 10.x, and 11.x before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. It has Incorrect Access Control. Access to the internal wiki is permitted when an external wiki service is enabled. Se detectó un problema en GitLab Community and Enterprise Edition versiones 9.x, 10.x y versiones 11.x anteriores a 11.5.8, versiones 11.6.x anteriores a 11.6.6 y versiones 11.7.x anteriores a 11.7.1. Presenta un Control de Acceso Incorrecto. • https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released https://gitlab.com/gitlab-org/gitlab-ce/issues/54357 •
CVSS: 5.8EPSS: 0%CPEs: 6EXPL: 1CVE-2019-6795
https://notcve.org/view.php?id=CVE-2019-6795
An issue was discovered in GitLab Community and Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. It has Insufficient Visual Distinction of Homoglyphs Presented to a User. IDN homographs and RTLO characters are rendered to unicode, which could be used for social engineering. Se detectó un problema en GitLab Community and Enterprise Edition versiones anteriores a 11.5.8, versiones 11.6.x anteriores a 11.6.6 y versiones 11.7.x anteriores a 11.7.1. Presenta una Distinción Visual Insuficiente de Homoglifos Presentados a un Usuario. • https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released https://gitlab.com/gitlab-org/gitlab-ce/issues/29365 •