CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2019-19262
https://notcve.org/view.php?id=CVE-2019-19262
GitLab Enterprise Edition (EE) 11.9 and later through 12.5 has Insecure Permissions. GitLab Enterprise Edition (EE) versiones 11.9 y posteriores hasta la versión 12.5, tiene Permisos No Seguros. • https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-2-released https://about.gitlab.com/blog/categories/releases • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-19261
https://notcve.org/view.php?id=CVE-2019-19261
GitLab Enterprise Edition (EE) 6.7 and later through 12.5 allows SSRF. GitLab Enterprise Edition (EE) versiones 6.7 y posteriores hasta la 12.5, permite un ataque de tipo SSRF. • https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released https://about.gitlab.com/blog/categories/releases • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2019-19260
https://notcve.org/view.php?id=CVE-2019-19260
GitLab Community Edition (CE) and Enterprise Edition (EE) through 12.5 has Incorrect Access Control (issue 2 of 2). GitLab Community Edition (CE) and Enterprise Edition (EE) versiones hasta la versión 12.5, tiene un Control de Acceso Incorrecto (problema 2 de 2). • https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released https://about.gitlab.com/blog/categories/releases •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2019-19259
https://notcve.org/view.php?id=CVE-2019-19259
GitLab Enterprise Edition (EE) 11.3 and later through 12.5 allows an Insecure Direct Object Reference (IDOR). GitLab Enterprise Edition (EE) versiones 11.3 y posteriores hasta la versión 12.5, permite una Referencia de Objeto Directo No Seguro (IDOR). • https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released https://about.gitlab.com/blog/categories/releases • CWE-639: Authorization Bypass Through User-Controlled Key •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2019-19258
https://notcve.org/view.php?id=CVE-2019-19258
GitLab Enterprise Edition (EE) 10.8 and later through 12.5 has Incorrect Access Control. GitLab Enterprise Edition (EE) versiones 10.8 y posteriores hasta la versión 12.5, tiene un Control de Acceso Incorrecto. • https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released https://about.gitlab.com/blog/categories/releases •