An issue was discovered in GitLab Enterprise Edition 8.3 through 12.0.2. The color codes decoder was vulnerable to a resource depletion attack if specific formats were used. It allows Uncontrolled Resource Consumption.
CVSS Score
5.9
EPSS Score
0.002
Published
2020-03-10
An issue was discovered in GitLab Community and Enterprise Edition 8.3 through 11.11. It allows Information Exposure through an Error Message.
CVSS Score
7.5
EPSS Score
0.001
Published
2020-03-10
An issue was discovered in GitLab Community and Enterprise Edition before 12.0.3. One of the parsers used by Gilab CI was vulnerable to a resource exhaustion attack. It allows Uncontrolled Resource Consumption.
CVSS Score
7.5
EPSS Score
0.001
Published
2020-03-10
An issue was discovered in GitLab Community and Enterprise Edition 6.8 through 11.11. Users could bypass the mandatory external authentication provider sign-in restrictions by sending a specially crafted request. It has Improper Authorization.
CVSS Score
9.8
EPSS Score
0.002
Published
2020-03-10
GitLab 11.8 and later contains a security vulnerability that allows a user to obtain details of restricted pipelines via the merge request endpoint.
CVSS Score
4.3
EPSS Score
0.003
Published
2020-02-14
GitLab through 12.7.2 allows XSS.
CVSS Score
6.1
EPSS Score
0.002
Published
2020-02-05
GitLab EE 8.0 through 12.7.2 has Incorrect Access Control.
CVSS Score
7.5
EPSS Score
0.001
Published
2020-02-05
GitLab EE 8.0 and later through 12.7.2 allows Information Disclosure.
CVSS Score
7.5
EPSS Score
0.001
Published
2020-02-05
An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 5.1 through 12.6.1. It has Incorrect Access Control.
CVSS Score
4.3
EPSS Score
0.001
Published
2020-01-13
GitLab Community Edition (CE) and Enterprise Edition (EE) through 12.5 has Incorrect Access Control (issue 1 of 2).
CVSS Score
5.3
EPSS Score
0.001
Published
2020-01-03