CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2019-18449
https://notcve.org/view.php?id=CVE-2019-18449
An issue was discovered in GitLab Community and Enterprise Edition before 12.4 in the autocomplete feature. It has Insecure Permissions (issue 2 of 2). Se detectó un problema en GitLab Community and Enterprise Edition versiones anteriores a 12.4, en la funcionalidad autocomplete. Posee Permisos No Seguros (problema 2 de 2). • https://about.gitlab.com/blog/2019/10/30/security-release-gitlab-12-dot-4-dot-1-released https://about.gitlab.com/blog/categories/releases • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2019-18450
https://notcve.org/view.php?id=CVE-2019-18450
An issue was discovered in GitLab Community and Enterprise Edition before 12.4 in the Project labels feature. It has Insecure Permissions. Se detectó un problema en GitLab Community and Enterprise Edition versiones anteriores a 12.4, en la funcionalidad Project labels. Posee Permisos No Seguros. • https://about.gitlab.com/blog/2019/10/30/security-release-gitlab-12-dot-4-dot-1-released https://about.gitlab.com/blog/categories/releases • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2019-18454
https://notcve.org/view.php?id=CVE-2019-18454
An issue was discovered in GitLab Community and Enterprise Edition 10.5 through 12.4 in link validation for RDoc wiki pages feature. It has XSS. Se detectó un problema en GitLab Community and Enterprise Edition versiones 10.5 hasta 12.4, en la comprobación de enlaces para la funcionalidad de páginas RDoc wiki. Presenta una vulnerabilidad de tipo XSS. • https://about.gitlab.com/blog/2019/10/30/security-release-gitlab-12-dot-4-dot-1-released https://about.gitlab.com/blog/categories/releases • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2019-18456
https://notcve.org/view.php?id=CVE-2019-18456
An issue was discovered in GitLab Community and Enterprise Edition 8.17 through 12.4 in the Search feature provided by Elasticsearch integration.. It has Insecure Permissions (issue 1 of 4). Se detectó un problema en GitLab Community and Enterprise Edition versiones 8.17 hasta 12.4, en la funcionalidad Search provista por la integración de Elasticsearch. Posee Permisos No Seguros (problema 1 de 4). • https://about.gitlab.com/blog/2019/10/30/security-release-gitlab-12-dot-4-dot-1-released https://about.gitlab.com/blog/categories/releases • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 4.0EPSS: 0%CPEs: 2EXPL: 0CVE-2019-18458
https://notcve.org/view.php?id=CVE-2019-18458
An issue was discovered in GitLab Community and Enterprise Edition through 12.4. It has Insecure Permissions (issue 2 of 4). Se detectó un problema en GitLab Community and Enterprise Edition versiones hasta 12.4. Posee Permisos No Seguros (problema 2 de 4). • https://about.gitlab.com/blog/2019/10/30/security-release-gitlab-12-dot-4-dot-1-released https://about.gitlab.com/blog/categories/releases • CWE-281: Improper Preservation of Permissions •