CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2019-18456
https://notcve.org/view.php?id=CVE-2019-18456
An issue was discovered in GitLab Community and Enterprise Edition 8.17 through 12.4 in the Search feature provided by Elasticsearch integration.. It has Insecure Permissions (issue 1 of 4). Se detectó un problema en GitLab Community and Enterprise Edition versiones 8.17 hasta 12.4, en la funcionalidad Search provista por la integración de Elasticsearch. Posee Permisos No Seguros (problema 1 de 4). • https://about.gitlab.com/blog/2019/10/30/security-release-gitlab-12-dot-4-dot-1-released https://about.gitlab.com/blog/categories/releases • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 4.0EPSS: 0%CPEs: 2EXPL: 0CVE-2019-18458
https://notcve.org/view.php?id=CVE-2019-18458
An issue was discovered in GitLab Community and Enterprise Edition through 12.4. It has Insecure Permissions (issue 2 of 4). Se detectó un problema en GitLab Community and Enterprise Edition versiones hasta 12.4. Posee Permisos No Seguros (problema 2 de 4). • https://about.gitlab.com/blog/2019/10/30/security-release-gitlab-12-dot-4-dot-1-released https://about.gitlab.com/blog/categories/releases • CWE-281: Improper Preservation of Permissions •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2019-18460
https://notcve.org/view.php?id=CVE-2019-18460
An issue was discovered in GitLab Community and Enterprise Edition 8.15 through 12.4 in the Comments Search feature provided by the Elasticsearch integration. It has Incorrect Access Control. Se detectó un problema en GitLab Community and Enterprise Edition versiones 8.15 hasta 12.4, en la funcionalidad Comments Search provista por la integración de Elasticsearch. Posee un Control de Acceso Incorrecto. • https://about.gitlab.com/blog/2019/10/30/security-release-gitlab-12-dot-4-dot-1-released https://about.gitlab.com/blog/categories/releases • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2019-18463
https://notcve.org/view.php?id=CVE-2019-18463
An issue was discovered in GitLab Community and Enterprise Edition through 12.4. It has Insecure Permissions (issue 4 of 4). Se detectó un problema en GitLab Community and Enterprise Edition versiones hasta 12.4. Posee Permisos No Seguros (problema 4 de 4). • https://about.gitlab.com/blog/2019/10/30/security-release-gitlab-12-dot-4-dot-1-released https://about.gitlab.com/blog/categories/releases • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2019-15729
https://notcve.org/view.php?id=CVE-2019-15729
An issue was discovered in GitLab Community and Enterprise Edition 8.18 through 12.2.1. An internal endpoint unintentionally disclosed information about the last pipeline that ran for a merge request. Se detectó un problema en GitLab Community and Enterprise Edition versiones 8.18 hasta 12.2.1. Un end point interno divulgó involuntariamente información sobre la última pipeline que se ejecutó para una petición de fusión. • https://about.gitlab.com/2019/08/29/security-release-gitlab-12-dot-2-dot-3-released https://gitlab.com/gitlab-org/gitlab-ce/issues/62073 • CWE-863: Incorrect Authorization •