Security Vulnerabilities
- CVEs Published In January 2020
GitLab Community Edition (CE) and Enterprise Edition (EE) through 12.5 has Incorrect Access Control (issue 2 of 2).
GitLab Enterprise Edition (EE) 6.7 and later through 12.5 allows SSRF.
GitLab Enterprise Edition (EE) 11.9 and later through 12.5 has Insecure Permissions.
GitLab Enterprise Edition (EE) 8.2 and later through 12.5 has Insecure Permissions.
GitLab EE 8.14 through 12.5, 12.4.3, and 12.3.6 allows XSS in group and profile fields.
GitLab Enterprise Edition (EE) before 12.5.1 has Insecure Permissions (issue 1 of 2).
GitLab Enterprise Edition (EE) before 12.5.1 has Insecure Permissions (issue 2 of 2).
Gitlab Enterprise Edition (EE) 11.3 through 12.4.2 allows Directory Traversal.
GitLab Community Edition (CE) and Enterprise Edition (EE) 9.6 and later through 12.5 has Incorrect Access Control.
Mate 10 Pro, Honor V10, Honor 10, and Nova 4 smartphones have a denial of service vulnerability. The system does not properly check the status of a certain module during certain operations. An attacker would need to trick the user into installing a malicious application; a successful exploit could cause the smartphone to reboot.