An issue was discovered in GitLab Enterprise Edition (EE) 8.9.0 through 12.6.1. Using the project import feature, it was possible for someone to obtain issues from private projects.
CVSS Score
5.3
EPSS Score
0.001
Published
2020-01-13
An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 5.1 through 12.6.1. It has Incorrect Access Control.
CVSS Score
4.3
EPSS Score
0.001
Published
2020-01-13
GitLab EE 8.4 through 12.5, 12.4.3, and 12.3.6 stored several tokens in plaintext.
CVSS Score
7.5
EPSS Score
0.001
Published
2020-01-05
GitLab Community Edition (CE) and Enterprise Edition (EE) through 12.5 has Incorrect Access Control (issue 1 of 2).
CVSS Score
5.3
EPSS Score
0.001
Published
2020-01-03
GitLab Community Edition (CE) and Enterprise Edition (EE) through 12.5 has Incorrect Access Control (issue 2 of 2).
CVSS Score
5.4
EPSS Score
0.001
Published
2020-01-03
GitLab Enterprise Edition (EE) 6.7 and later through 12.5 allows SSRF.
CVSS Score
8.8
EPSS Score
0.001
Published
2020-01-03
GitLab Enterprise Edition (EE) 8.2 and later through 12.5 has Insecure Permissions.
CVSS Score
4.3
EPSS Score
0.0
Published
2020-01-03
An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It allows SSRF.
CVSS Score
5.0
EPSS Score
0.001
Published
2019-12-30
An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It has Incorrect Access Control.
CVSS Score
4.3
EPSS Score
0.001
Published
2019-12-30
An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It has Incorrect Access Control.
CVSS Score
6.3
EPSS Score
0.001
Published
2019-12-30