Shodan
Vulnerabilities
Vulnerable Software
Gitlab:  >> Gitlab  >> 10.8.0  Security Vulnerabilities
CVE-2019-9221
An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Incorrect Access Control (issue 3 of 5).
CVSS Score
5.5
EPSS Score
0.0
Published
2019-05-29
CVE-2019-9485
An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Insecure Permissions.
CVSS Score
9.8
EPSS Score
0.002
Published
2019-05-29
CVE-2019-9732
An issue was discovered in GitLab Community and Enterprise Edition 10.x (starting from 10.8) and 11.x before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Incorrect Access Control.
CVSS Score
9.8
EPSS Score
0.002
Published
2019-05-29
CVE-2019-7549
An issue was discovered in GitLab Community and Enterprise Edition 10.x and 11.x before 11.5.10, 11.6.x before 11.6.8, and 11.7.x before 11.7.3. It has Incorrect Access Control. The GitLab pipelines feature is vulnerable to authorization issues that allow unauthorized users to view job information.
CVSS Score
4.3
EPSS Score
0.001
Published
2019-05-29
CVE-2019-9218
An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Incorrect Access Control (issue 1 of 5).
CVSS Score
9.8
EPSS Score
0.002
Published
2019-05-29
CVE-2019-6797
An information disclosure issue was discovered in GitLab Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. The GitHub token used in CI/CD for External Repos was being leaked to project maintainers in the UI.
CVSS Score
7.5
EPSS Score
0.001
Published
2019-05-17
CVE-2019-6787
An Incorrect Access Control issue was discovered in GitLab Community and Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. The GitLab API allowed project Maintainers and Owners to view the trigger tokens of other project users.
CVSS Score
6.5
EPSS Score
0.001
Published
2019-05-17
CVE-2019-6790
An Incorrect Access Control (issue 2 of 3) issue was discovered in GitLab Community and Enterprise Edition 8.14 and later but before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. Guest users were able to view the list of a group's merge requests.
CVSS Score
4.3
EPSS Score
0.001
Published
2019-05-17
CVE-2019-5883
An Incorrect Access Control issue was discovered in GitLab Community and Enterprise Edition 6.0 and later but before 11.3.11, 11.4.x before 11.4.8, and 11.5.x before 11.5.1. The issue comments feature could allow a user to comment on an issue which they shouldn't be allowed to.
CVSS Score
9.1
EPSS Score
0.001
Published
2019-05-17
CVE-2018-19585
GitLab CE/EE versions 8.18 up to 11.x before 11.3.11, 11.4.x before 11.4.8, and 11.5.x before 11.5.1 have CRLF Injection in Project Mirroring when using the Git protocol.
CVSS Score
7.5
EPSS Score
0.136
Published
2019-05-17


Products
Pricing
Contact Us

Shodan ® - All rights reserved