Shodan
Vulnerabilities
Vulnerable Software
Gitlab:  >> Gitlab  >> 11.5  Security Vulnerabilities
CVE-2019-9485
An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Insecure Permissions.
CVSS Score
9.8
EPSS Score
0.002
Published
2019-05-29
CVE-2019-9732
An issue was discovered in GitLab Community and Enterprise Edition 10.x (starting from 10.8) and 11.x before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Incorrect Access Control.
CVSS Score
9.8
EPSS Score
0.002
Published
2019-05-29
CVE-2019-9866
An issue was discovered in GitLab Community and Enterprise Edition 11.x before 11.7.7 and 11.8.x before 11.8.3. It allows Information Disclosure.
CVSS Score
6.5
EPSS Score
0.001
Published
2019-05-29
CVE-2019-7549
An issue was discovered in GitLab Community and Enterprise Edition 10.x and 11.x before 11.5.10, 11.6.x before 11.6.8, and 11.7.x before 11.7.3. It has Incorrect Access Control. The GitLab pipelines feature is vulnerable to authorization issues that allow unauthorized users to view job information.
CVSS Score
4.3
EPSS Score
0.001
Published
2019-05-29
CVE-2019-9218
An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Incorrect Access Control (issue 1 of 5).
CVSS Score
9.8
EPSS Score
0.002
Published
2019-05-29
CVE-2019-6787
An Incorrect Access Control issue was discovered in GitLab Community and Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. The GitLab API allowed project Maintainers and Owners to view the trigger tokens of other project users.
CVSS Score
6.5
EPSS Score
0.001
Published
2019-05-17
CVE-2019-6790
An Incorrect Access Control (issue 2 of 3) issue was discovered in GitLab Community and Enterprise Edition 8.14 and later but before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. Guest users were able to view the list of a group's merge requests.
CVSS Score
4.3
EPSS Score
0.001
Published
2019-05-17
CVE-2019-10112
An issue was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. The construction of the HMAC key was insecurely derived.
CVSS Score
7.5
EPSS Score
0.001
Published
2019-05-16
CVE-2019-10116
An Insecure Permissions issue (issue 3 of 3) was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. Guests of a project were allowed to see Related Branches created for an issue.
CVSS Score
4.3
EPSS Score
0.001
Published
2019-05-16
CVE-2019-10117
An Open Redirect issue was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. A redirect is triggered after successful authentication within the Oauth/:GeoAuthController for the secondary Geo node.
CVSS Score
6.1
EPSS Score
0.002
Published
2019-05-16


Products
Pricing
Contact Us

Shodan ® - All rights reserved