Gitlab: >> Gitlab >> 11.11.2 Security Vulnerabilities
GitLab EE 11.11 and later through 12.7.2 allows Directory Traversal.
CVSS Score
7.5
EPSS Score
0.001
Published
2020-02-05
GitLab EE 8.0 through 12.7.2 has Incorrect Access Control.
CVSS Score
7.5
EPSS Score
0.001
Published
2020-02-05
GitLab EE 8.0 and later through 12.7.2 allows Information Disclosure.
CVSS Score
7.5
EPSS Score
0.001
Published
2020-02-05
GitLab EE 8.9 and later through 12.7.2 has Insecure Permission
CVSS Score
5.3
EPSS Score
0.001
Published
2020-02-05
GitLab EE 8.9 and later through 12.7.2 has Insecure Permission
CVSS Score
9.8
EPSS Score
0.002
Published
2020-02-05
An IDOR was discovered in GitLab CE/EE 11.5 and later that allowed new merge requests endpoint to disclose label names.
CVSS Score
4.3
EPSS Score
0.003
Published
2020-01-28
An privilege escalation issue was discovered in Gitlab versions < 12.1.2, < 12.0.4, and < 11.11.6 when Mattermost slash commands are used with a blocked account.
CVSS Score
8.8
EPSS Score
0.007
Published
2020-01-28
An information disclosure issue was discovered GitLab versions < 12.1.2, < 12.0.4, and < 11.11.6 in the security dashboard which could result in disclosure of vulnerability feedback information.
CVSS Score
7.5
EPSS Score
0.003
Published
2020-01-28
An authorization issue was discovered in Gitlab versions < 12.1.2, < 12.0.4, and < 11.11.6 that prevented owners and maintainer to delete epic comments.
CVSS Score
7.5
EPSS Score
0.002
Published
2020-01-28
An authorization issue was discovered in GitLab EE < 12.1.2, < 12.0.4, and < 11.11.6 allowing the merge request approval rules to be overridden without appropriate permissions.
CVSS Score
6.5
EPSS Score
0.002
Published
2020-01-28