CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2019-13004
https://notcve.org/view.php?id=CVE-2019-13004
An issue was discovered in GitLab Community and Enterprise Edition 11.10 through 12.0.2. When specific encoded characters were added to comments, the comments section would become inaccessible. It has Incorrect Access Control (issue 1 of 2). Se detectó un problema en GitLab Community and Enterprise Edition versiones 11.10 hasta 12.0.2. Cuando fueron agregados caracteres codificados específicos a los comentarios, la sección de comentarios se volvería inaccesible. tiene un Control de Acceso Incorrecto (problema 1 de 2). • https://about.gitlab.com/blog/categories/releases https://about.gitlab.com/releases/2019/07/03/security-release-gitlab-12-dot-0-dot-3-released •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2019-13003
https://notcve.org/view.php?id=CVE-2019-13003
An issue was discovered in GitLab Community and Enterprise Edition before 12.0.3. One of the parsers used by Gilab CI was vulnerable to a resource exhaustion attack. It allows Uncontrolled Resource Consumption. Se detectó un problema en GitLab Community and Enterprise Edition versiones anteriores a la versión 12.0.3. Uno de los analizadores usados por Gilab CI era vulnerable a un ataque de agotamiento de recursos. • https://about.gitlab.com/blog/categories/releases https://about.gitlab.com/releases/2019/07/03/security-release-gitlab-12-dot-0-dot-3-released • CWE-400: Uncontrolled Resource Consumption •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2019-13002
https://notcve.org/view.php?id=CVE-2019-13002
An issue was discovered in GitLab Community and Enterprise Edition 11.10 through 12.0.2. Unauthorized users were able to read pipeline information of the last merge request. It has Incorrect Access Control. Se detectó un problema en GitLab Community and Enterprise Edition versiones 11.10 hasta 12.0.2. Usuarios no autorizados fueron capaces de leer información de la tubería de la última petición de fusión. • https://about.gitlab.com/blog/categories/releases https://about.gitlab.com/releases/2019/07/03/security-release-gitlab-12-dot-0-dot-3-released •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2019-13001
https://notcve.org/view.php?id=CVE-2019-13001
An issue was discovered in GitLab Community and Enterprise Edition 11.9 and later through 12.0.2. GitLab Snippets were vulnerable to an authorization issue that allowed unauthorized users to add comments to a private snippet. It allows authentication bypass. Se detectó un problema en GitLab Community and Enterprise Edition versiones 11.9 y posteriores hasta 12.0.2. GitLab Snippets eran vulnerables a un problema de autorización que permitía a usuarios no autorizados agregar comentarios a un fragmento privado. • https://about.gitlab.com/blog/categories/releases https://about.gitlab.com/releases/2019/07/03/security-release-gitlab-12-dot-0-dot-3-released • CWE-863: Incorrect Authorization •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2019-12446
https://notcve.org/view.php?id=CVE-2019-12446
An issue was discovered in GitLab Community and Enterprise Edition 8.3 through 11.11. It allows Information Exposure through an Error Message. Se detectó un problema en GitLab Community and Enterprise Edition versiones 8.3 hasta 11.11. Permite una Exposición de la Información por medio de un Mensaje de Error. • https://about.gitlab.com/blog/categories/releases https://about.gitlab.com/releases/2019/06/03/security-release-gitlab-11-dot-11-dot-1-released • CWE-209: Generation of Error Message Containing Sensitive Information •