Shodan
Vulnerabilities
Vulnerable Software
Gitlab:  >> Gitlab  Security Vulnerabilities
CVE-2019-7155
An issue was discovered in GitLab Community and Enterprise Edition 9.x, 10.x, and 11.x before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. It has Incorrect Access Control. A user retains their role within a project in a private group after being removed from the group, if their privileges within the project are different from the group.
CVSS Score
6.5
EPSS Score
0.001
Published
2019-04-16
CVE-2019-6796
An issue was discovered in GitLab Community and Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. It allows XSS (issue 2 of 2). The user status field contains a lack of input validation and output encoding that results in a persistent XSS.
CVSS Score
6.1
EPSS Score
0.001
Published
2019-04-11
CVE-2018-20229
GitLab Community and Enterprise Edition before 11.3.14, 11.4.x before 11.4.12, and 11.5.x before 11.5.5 allows Directory Traversal.
CVSS Score
7.5
EPSS Score
0.001
Published
2019-04-04
CVE-2018-20144
GitLab Community and Enterprise Edition 11.x before 11.3.13, 11.4.x before 11.4.11, and 11.5.x before 11.5.4 has Incorrect Access Control.
CVSS Score
7.5
EPSS Score
0.002
Published
2019-03-28
CVE-2018-19856
GitLab CE/EE before 11.3.12, 11.4.x before 11.4.10, and 11.5.x before 11.5.3 allows Directory Traversal in Templates API.
CVSS Score
7.5
EPSS Score
0.001
Published
2019-03-26
CVE-2019-6240
An issue was discovered in GitLab Community and Enterprise Edition before 11.4. It allows Directory Traversal.
CVSS Score
7.5
EPSS Score
0.001
Published
2019-03-25
CVE-2018-17939
An issue was discovered in GitLab Community and Enterprise Edition 11.1.x before 11.1.8, 11.2.x before 11.2.5, and 11.3.x before 11.3.2. There is Information Exposure via the merge request JSON endpoint.
CVSS Score
7.5
EPSS Score
0.001
Published
2018-12-04
CVE-2018-17975
An issue was discovered in GitLab Community Edition 11.x before 11.1.8, 11.2.x before 11.2.5, and 11.3.x before 11.3.2. There is Information Exposure via the GFM markdown API.
CVSS Score
5.3
EPSS Score
0.001
Published
2018-12-04
CVE-2018-17976
An issue was discovered in GitLab Community Edition 11.x before 11.1.8, 11.2.x before 11.2.5, and 11.3.x before 11.3.2. There is Information Exposure via Epic change descriptions.
CVSS Score
6.5
EPSS Score
0.001
Published
2018-12-04
CVE-2018-18640
An issue was discovered in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. It has Information Exposure Through Browser Caching.
CVSS Score
6.5
EPSS Score
0.001
Published
2018-12-04


Products
Pricing
Contact Us

Shodan ® - All rights reserved