CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2019-15723
https://notcve.org/view.php?id=CVE-2019-15723
An issue was discovered in GitLab Community and Enterprise Edition 11.9.x and 11.10.x before 11.10.1. Merge requests created by email could be used to bypass push rules in certain situations. Se descubrió un problema en GitLab Community and Enterprise Edition versiones 11.9.x y versiones 11.10.x anteriores a 11.10.1. Las peticiones de fusión creadas por medio del correo electrónico podrían ser usadas para omitir las reglas de inserción en ciertas situaciones. • https://about.gitlab.com/2019/08/29/security-release-gitlab-12-dot-2-dot-3-released https://gitlab.com/gitlab-org/gitlab-ee/issues/11302 • CWE-862: Missing Authorization •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2019-15722
https://notcve.org/view.php?id=CVE-2019-15722
An issue was discovered in GitLab Community and Enterprise Edition 8.15 through 12.2.1. Particular mathematical expressions in GitLab Markdown can exhaust client resources. Se descubrió un problema en GitLab Community and Enterprise Edition versiones 8.15 hasta 12.2.1. Las expresiones matemáticas particulares en GitLab Markdown pueden agotar los recursos del cliente. • https://about.gitlab.com/2019/08/29/security-release-gitlab-12-dot-2-dot-3-released https://gitlab.com/gitlab-org/gitlab-ce/issues/61410 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2019-15721
https://notcve.org/view.php?id=CVE-2019-15721
An issue was discovered in GitLab Community and Enterprise Edition 10.8 through 12.2.1. An internal endpoint unintentionally allowed group maintainers to view and edit group runner settings. Se descubrió un problema en GitLab Community and Enterprise Edition versiones 10.8 hasta 12.2.1. Un end point interno permitió involuntariamente a los mantenedores del grupo visualizar y editar la configuración del ejecutor de grupo. • https://about.gitlab.com/2019/08/29/security-release-gitlab-12-dot-2-dot-3-released https://gitlab.com/gitlab-org/gitlab-ce/issues/61981 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 0CVE-2019-16170
https://notcve.org/view.php?id=CVE-2019-16170
An issue was discovered in GitLab Enterprise Edition 11.x and 12.x before 12.0.9, 12.1.x before 12.1.9, and 12.2.x before 12.2.5. It has Incorrect Access Control. Se descubrió un problema en GitLab Enterprise Edition versiones 11.x y versiones 12.x anteriores a 12.0.9, versiones 12.1.x anteriores a 12.1.9 y versiones 12.2.x anteriores a 12.2.5. Posee un Control de Acceso Incorrecto. • https://about.gitlab.com/2019/09/10/critical-security-release-gitlab-12-dot-2-dot-5-released •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2019-6791
https://notcve.org/view.php?id=CVE-2019-6791
An issue was discovered in GitLab Community and Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. It has Incorrect Access Control (issue 3 of 3). When a project with visibility more permissive than the target group is imported, it will retain its prior visibility. Se descubrió un problema en GitLab Community and Enterprise Edition versiones anteriores a 11.5.8, versiones 11.6.x anteriores a 11.6.6 y versiones 11.7.x anteriores a 11.7.1. Este presenta un Control de Acceso Incorrecto (problema 3 de 3). • https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released • CWE-281: Improper Preservation of Permissions •