Shodan
Vulnerabilities
Vulnerable Software
Gitlab:  >> Gitlab  Security Vulnerabilities
CVE-2018-18648
An issue was discovered in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. It has Information Exposure Through an Error Message.
CVSS Score
7.5
EPSS Score
0.001
Published
2018-12-04
CVE-2018-18843
The Kubernetes integration in GitLab Enterprise Edition 11.x before 11.2.8, 11.3.x before 11.3.9, and 11.4.x before 11.4.4 has SSRF.
CVSS Score
10.0
EPSS Score
0.003
Published
2018-12-04
CVE-2018-18649
An issue was discovered in the wiki API in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. It allows for remote code execution.
CVSS Score
9.8
EPSS Score
0.55
Published
2018-11-29
CVE-2018-16048
An issue was discovered in GitLab Community and Enterprise Edition before 11.0.6, 11.1.x before 11.1.5, and 11.2.x before 11.2.2. There is Missing Authorization Control for API Repository Storage.
CVSS Score
6.5
EPSS Score
0.001
Published
2018-10-03
CVE-2018-16049
An issue was discovered in GitLab Community and Enterprise Edition before 11.0.6, 11.1.x before 11.1.5, and 11.2.x before 11.2.2. There is Sensitive Data Disclosure in Sidekiq Logs through an Error Message.
CVSS Score
9.8
EPSS Score
0.002
Published
2018-10-03
CVE-2018-16050
An issue was discovered in GitLab Community and Enterprise Edition 11.1.x before 11.1.5 and 11.2.x before 11.2.2. There is Persistent XSS in the Merge Request Changes View.
CVSS Score
6.1
EPSS Score
0.001
Published
2018-10-03
CVE-2018-16051
An issue was discovered in GitLab Community and Enterprise Edition before 11.0.6, 11.1.x before 11.1.5, and 11.2.x before 11.2.2. There is Orphaned Upload Files Exposure.
CVSS Score
6.5
EPSS Score
0.001
Published
2018-10-03
CVE-2018-12605
An issue was discovered in GitLab Community Edition and Enterprise Edition 10.7.x before 10.7.6. The usage of 'url_for' contained a XSS issue due to it allowing arbitrary protocols as a parameter.
CVSS Score
5.4
EPSS Score
0.001
Published
2018-08-03
CVE-2018-12606
An issue was discovered in GitLab Community Edition and Enterprise Edition before 10.7.6, 10.8.x before 10.8.5, and 11.x before 11.0.1. The wiki contains a persistent XSS issue due to a lack of output encoding affecting a specific markdown feature.
CVSS Score
5.4
EPSS Score
0.001
Published
2018-08-03
CVE-2018-12607
An issue was discovered in GitLab Community Edition and Enterprise Edition before 10.7.6, 10.8.x before 10.8.5, and 11.x before 11.0.1. The charts feature contained a persistent XSS issue due to a lack of output encoding.
CVSS Score
5.4
EPSS Score
0.001
Published
2018-08-03


Products
Pricing
Contact Us

Shodan ® - All rights reserved