Shodan
Vulnerabilities
Vulnerable Software
Gitlab:  >> Gitlab  >> 8.9.5  Security Vulnerabilities
CVE-2019-13010
An issue was discovered in GitLab Enterprise Edition 8.3 through 12.0.2. The color codes decoder was vulnerable to a resource depletion attack if specific formats were used. It allows Uncontrolled Resource Consumption.
CVSS Score
5.9
EPSS Score
0.001
Published
2020-03-10
CVE-2019-12444
An issue was discovered in GitLab Community and Enterprise Edition 8.9 through 11.11. Wiki Pages contained a lack of input validation which resulted in a persistent XSS vulnerability.
CVSS Score
6.1
EPSS Score
0.001
Published
2020-03-10
CVE-2019-12445
An issue was discovered in GitLab Community and Enterprise Edition 8.4 through 11.11. A malicious user could execute JavaScript code on notes by importing a specially crafted project file. It allows XSS.
CVSS Score
5.4
EPSS Score
0.001
Published
2020-03-10
CVE-2019-12446
An issue was discovered in GitLab Community and Enterprise Edition 8.3 through 11.11. It allows Information Exposure through an Error Message.
CVSS Score
7.5
EPSS Score
0.001
Published
2020-03-10
CVE-2019-13003
An issue was discovered in GitLab Community and Enterprise Edition before 12.0.3. One of the parsers used by Gilab CI was vulnerable to a resource exhaustion attack. It allows Uncontrolled Resource Consumption.
CVSS Score
7.5
EPSS Score
0.0
Published
2020-03-10
CVE-2019-12441
An issue was discovered in GitLab Community and Enterprise Edition 8.4 through 11.11. The protected branches feature contained a access control issue which resulted in a bypass of the protected branches restriction rules. It has Incorrect Access Control.
CVSS Score
7.5
EPSS Score
0.001
Published
2020-03-10
CVE-2019-12428
An issue was discovered in GitLab Community and Enterprise Edition 6.8 through 11.11. Users could bypass the mandatory external authentication provider sign-in restrictions by sending a specially crafted request. It has Improper Authorization.
CVSS Score
9.8
EPSS Score
0.002
Published
2020-03-10
CVE-2019-15594
GitLab 11.8 and later contains a security vulnerability that allows a user to obtain details of restricted pipelines via the merge request endpoint.
CVSS Score
4.3
EPSS Score
0.003
Published
2020-02-14
CVE-2020-7973
GitLab through 12.7.2 allows XSS.
CVSS Score
6.1
EPSS Score
0.002
Published
2020-02-05
CVE-2020-7977
GitLab EE 8.8 and later through 12.7.2 has Insecure Permissions.
CVSS Score
5.3
EPSS Score
0.001
Published
2020-02-05


Products
Pricing
Contact Us

Shodan ® - All rights reserved