Gitlab: >> Gitlab >> 12.1.12 Security Vulnerabilities
Gitlab Enterprise Edition (EE) before 12.5.1 has Insecure Permissions (issue 2 of 2).
CVSS Score
4.3
EPSS Score
0.0
Published
2020-01-03
Gitlab Enterprise Edition (EE) 11.3 through 12.4.2 allows Directory Traversal.
CVSS Score
9.8
EPSS Score
0.001
Published
2020-01-03
GitLab Community Edition (CE) and Enterprise Edition (EE). 9.6 and later through 12.5 has Incorrect Access Control.
CVSS Score
5.3
EPSS Score
0.002
Published
2020-01-03
An improper access control vulnerability exists in Gitlab EE <v12.3.3, <v12.2.7, & <v12.1.13 that allowed the group search feature with Elasticsearch to return private code, merge requests and commits.
CVSS Score
5.3
EPSS Score
0.003
Published
2019-12-18
An improper access control vulnerability exists in GitLab <12.3.3 that allows an attacker to obtain container and dependency scanning reports through the merge request widget even though public pipelines were disabled.
CVSS Score
6.5
EPSS Score
0.002
Published
2019-12-18
An issue was discovered in GitLab Community and Enterprise Edition before 12.4. It has Insecure Permissions.
CVSS Score
4.3
EPSS Score
0.001
Published
2019-11-26
An issue was discovered in GitLab Community and Enterprise Edition before 12.4. It has Incorrect Access Control.
CVSS Score
6.5
EPSS Score
0.001
Published
2019-11-26
An issue was discovered in GitLab Community and Enterprise Edition before 12.4 in the autocomplete feature. It has Insecure Permissions (issue 2 of 2).
CVSS Score
4.3
EPSS Score
0.001
Published
2019-11-26
An issue was discovered in GitLab Community and Enterprise Edition before 12.4 in the Project labels feature. It has Insecure Permissions.
CVSS Score
4.3
EPSS Score
0.001
Published
2019-11-26
An issue was discovered in GitLab Community and Enterprise Edition 10.7.4 through 12.4 in the InternalRedirect filtering feature. It has an Open Redirect.
CVSS Score
6.1
EPSS Score
0.001
Published
2019-11-26