CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2019-19258
https://notcve.org/view.php?id=CVE-2019-19258
03 Jan 2020 — GitLab Enterprise Edition (EE) 10.8 and later through 12.5 has Incorrect Access Control. GitLab Enterprise Edition (EE) versiones 10.8 y posteriores hasta la versión 12.5, tiene un Control de Acceso Incorrecto. • https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2019-19257
https://notcve.org/view.php?id=CVE-2019-19257
03 Jan 2020 — GitLab Community Edition (CE) and Enterprise Edition (EE) through 12.5 has Incorrect Access Control (issue 1 of 2). GitLab Community Edition (CE) and Enterprise Edition (EE) versiones hasta la versión 12.5, tienen un Control de Acceso Incorrecto • https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2019-19256
https://notcve.org/view.php?id=CVE-2019-19256
03 Jan 2020 — GitLab Enterprise Edition (EE) 12.2 and later through 12.5 has Incorrect Access Control. GitLab Enterprise Edition (EE) versiones 12.2 y posteriores hasta la versión 12.5, tienen un Control de Acceso Incorrecto. • https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2019-19255
https://notcve.org/view.php?id=CVE-2019-19255
03 Jan 2020 — GitLab Enterprise Edition (EE) 12.3 and later through 12.5 has Incorrect Access Control. GitLab Enterprise Edition (EE) versiones 12.3 y posteriores hasta la versión 12.5, tiene un Control de Acceso Incorrecto. • https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2019-19254
https://notcve.org/view.php?id=CVE-2019-19254
03 Jan 2020 — GitLab Community Edition (CE) and Enterprise Edition (EE). 9.6 and later through 12.5 has Incorrect Access Control. GitLab Community Edition (CE) and Enterprise Edition (EE). Versiones 9.6 y posteriores hasta la versión 12.5, tiene un Control de Acceso Incorrecto. • https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-19088
https://notcve.org/view.php?id=CVE-2019-19088
03 Jan 2020 — Gitlab Enterprise Edition (EE) 11.3 through 12.4.2 allows Directory Traversal. Gitlab Enterprise Edition (EE) versiones 11.3 hasta la versión 12.4.2, permite un Salto de Directorio. • https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2019-19087
https://notcve.org/view.php?id=CVE-2019-19087
03 Jan 2020 — Gitlab Enterprise Edition (EE) before 12.5.1 has Insecure Permissions (issue 2 of 2). Gitlab Enterprise Edition (EE) versiones anteriores a la versión 12.5.1, tiene Permisos No Seguros • https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2019-19086
https://notcve.org/view.php?id=CVE-2019-19086
03 Jan 2020 — Gitlab Enterprise Edition (EE) before 12.5.1 has Insecure Permissions (issue 1 of 2). Gitlab Enterprise Edition (EE) versiones anteriores a la versíon 12.5.1, tiene Permisos No Seguros (problema 1 de 2). • https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 5.4EPSS: 0%CPEs: 3EXPL: 0CVE-2019-19311
https://notcve.org/view.php?id=CVE-2019-19311
03 Jan 2020 — GitLab EE 8.14 through 12.5, 12.4.3, and 12.3.6 allows XSS in group and profile fields. GitLab EE versiones 8.14 hasta la versión 12.5, 12.4.3 y 12.3.6, permite un ataque de tipo XSS en los campos group y profile. • https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 6EXPL: 0CVE-2018-20488
https://notcve.org/view.php?id=CVE-2018-20488
30 Dec 2019 — An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It allows Information Exposure. Se descubrió un problema en GitLab Community and Enterprise Edition versiones anteriores a la versión 11.4.13, versiones 11.5.x anteriores a la versión 11.5.6 y versiones 11.6.x anteriores a la versión 11.6.1. Permite una Exposición de Información. • https://about.gitlab.com/2018/12/31/security-release-gitlab-11-dot-6-dot-1-released • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •