Количество 4 564
Количество 4 564
CVE-2018-20144
GitLab Community and Enterprise Edition 11.x before 11.3.13, 11.4.x before 11.4.11, and 11.5.x before 11.5.4 has Incorrect Access Control.
CVE-2018-20144
GitLab Community and Enterprise Edition 11.x before 11.3.13, 11.4.x before 11.4.11, and 11.5.x before 11.5.4 has Incorrect Access Control.
CVE-2018-20144
GitLab Community and Enterprise Edition 11.x before 11.3.13, 11.4.x be ...
CVE-2018-19856
GitLab CE/EE before 11.3.12, 11.4.x before 11.4.10, and 11.5.x before 11.5.3 allows Directory Traversal in Templates API.
CVE-2018-19856
GitLab CE/EE before 11.3.12, 11.4.x before 11.4.10, and 11.5.x before 11.5.3 allows Directory Traversal in Templates API.
CVE-2018-19856
GitLab CE/EE before 11.3.12, 11.4.x before 11.4.10, and 11.5.x before ...
CVE-2018-19585
GitLab CE/EE versions 8.18 up to 11.x before 11.3.11, 11.4.x before 11.4.8, and 11.5.x before 11.5.1 have CRLF Injection in Project Mirroring when using the Git protocol.
CVE-2018-19585
GitLab CE/EE versions 8.18 up to 11.x before 11.3.11, 11.4.x before 11.4.8, and 11.5.x before 11.5.1 have CRLF Injection in Project Mirroring when using the Git protocol.
CVE-2018-19585
GitLab CE/EE versions 8.18 up to 11.x before 11.3.11, 11.4.x before 11 ...
CVE-2018-19584
GitLab EE, versions 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, is vulnerable to an insecure direct object reference vulnerability that allows authenticated, but unauthorized, users to view members and milestone details of private groups.
CVE-2018-19584
GitLab EE, versions 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, is vulnerable to an insecure direct object reference vulnerability that allows authenticated, but unauthorized, users to view members and milestone details of private groups.
CVE-2018-19584
GitLab EE, versions 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 ...
CVE-2018-19583
GitLab CE/EE, versions 8.0 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, would log access tokens in the Workhorse logs, permitting administrators with access to the logs to see another user's token.
CVE-2018-19583
GitLab CE/EE, versions 8.0 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, would log access tokens in the Workhorse logs, permitting administrators with access to the logs to see another user's token.
CVE-2018-19583
GitLab CE/EE, versions 8.0 up to 11.x before 11.3.11, 11.4 before 11.4 ...
CVE-2018-19582
GitLab EE, versions 11.4 before 11.4.8 and 11.5 before 11.5.1, is affected by an insecure direct object reference vulnerability that permits an unauthorized user to publish the draft merge request comments of another user.
CVE-2018-19582
GitLab EE, versions 11.4 before 11.4.8 and 11.5 before 11.5.1, is affected by an insecure direct object reference vulnerability that permits an unauthorized user to publish the draft merge request comments of another user.
CVE-2018-19582
GitLab EE, versions 11.4 before 11.4.8 and 11.5 before 11.5.1, is affe ...
CVE-2018-19581
GitLab EE, versions 8.3 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, is vulnerable to an insecure object reference vulnerability that allows a Guest user to set the weight of an issue they create.
CVE-2018-19581
GitLab EE, versions 8.3 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, is vulnerable to an insecure object reference vulnerability that allows a Guest user to set the weight of an issue they create.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2018-20144 GitLab Community and Enterprise Edition 11.x before 11.3.13, 11.4.x before 11.4.11, and 11.5.x before 11.5.4 has Incorrect Access Control. | CVSS3: 7.5 | 0% Низкий | около 6 лет назад |
 | CVE-2018-20144 GitLab Community and Enterprise Edition 11.x before 11.3.13, 11.4.x before 11.4.11, and 11.5.x before 11.5.4 has Incorrect Access Control. | CVSS3: 7.5 | 0% Низкий | около 6 лет назад |
| CVE-2018-20144 GitLab Community and Enterprise Edition 11.x before 11.3.13, 11.4.x be ... | CVSS3: 7.5 | 0% Низкий | около 6 лет назад |
| CVE-2018-19856 GitLab CE/EE before 11.3.12, 11.4.x before 11.4.10, and 11.5.x before 11.5.3 allows Directory Traversal in Templates API. | CVSS3: 7.5 | 0% Низкий | около 6 лет назад |
| CVE-2018-19856 GitLab CE/EE before 11.3.12, 11.4.x before 11.4.10, and 11.5.x before 11.5.3 allows Directory Traversal in Templates API. | CVSS3: 7.5 | 0% Низкий | около 6 лет назад |
| CVE-2018-19856 GitLab CE/EE before 11.3.12, 11.4.x before 11.4.10, and 11.5.x before ... | CVSS3: 7.5 | 0% Низкий | около 6 лет назад |
| CVE-2018-19585 GitLab CE/EE versions 8.18 up to 11.x before 11.3.11, 11.4.x before 11.4.8, and 11.5.x before 11.5.1 have CRLF Injection in Project Mirroring when using the Git protocol. | CVSS3: 7.5 | 14% Средний | около 6 лет назад |
| CVE-2018-19585 GitLab CE/EE versions 8.18 up to 11.x before 11.3.11, 11.4.x before 11.4.8, and 11.5.x before 11.5.1 have CRLF Injection in Project Mirroring when using the Git protocol. | CVSS3: 7.5 | 14% Средний | около 6 лет назад |
| CVE-2018-19585 GitLab CE/EE versions 8.18 up to 11.x before 11.3.11, 11.4.x before 11 ... | CVSS3: 7.5 | 14% Средний | около 6 лет назад |
| CVE-2018-19584 GitLab EE, versions 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, is vulnerable to an insecure direct object reference vulnerability that allows authenticated, but unauthorized, users to view members and milestone details of private groups. | CVSS3: 7.5 | 0% Низкий | почти 6 лет назад |
| CVE-2018-19584 GitLab EE, versions 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, is vulnerable to an insecure direct object reference vulnerability that allows authenticated, but unauthorized, users to view members and milestone details of private groups. | CVSS3: 7.5 | 0% Низкий | почти 6 лет назад |
| CVE-2018-19584 GitLab EE, versions 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 ... | CVSS3: 7.5 | 0% Низкий | почти 6 лет назад |
| CVE-2018-19583 GitLab CE/EE, versions 8.0 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, would log access tokens in the Workhorse logs, permitting administrators with access to the logs to see another user's token. | CVSS3: 6.5 | 0% Низкий | почти 6 лет назад |
| CVE-2018-19583 GitLab CE/EE, versions 8.0 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, would log access tokens in the Workhorse logs, permitting administrators with access to the logs to see another user's token. | CVSS3: 6.5 | 0% Низкий | почти 6 лет назад |
| CVE-2018-19583 GitLab CE/EE, versions 8.0 up to 11.x before 11.3.11, 11.4 before 11.4 ... | CVSS3: 6.5 | 0% Низкий | почти 6 лет назад |
| CVE-2018-19582 GitLab EE, versions 11.4 before 11.4.8 and 11.5 before 11.5.1, is affected by an insecure direct object reference vulnerability that permits an unauthorized user to publish the draft merge request comments of another user. | CVSS3: 4.3 | 0% Низкий | почти 6 лет назад |
| CVE-2018-19582 GitLab EE, versions 11.4 before 11.4.8 and 11.5 before 11.5.1, is affected by an insecure direct object reference vulnerability that permits an unauthorized user to publish the draft merge request comments of another user. | CVSS3: 4.3 | 0% Низкий | почти 6 лет назад |
| CVE-2018-19582 GitLab EE, versions 11.4 before 11.4.8 and 11.5 before 11.5.1, is affe ... | CVSS3: 4.3 | 0% Низкий | почти 6 лет назад |
| CVE-2018-19581 GitLab EE, versions 8.3 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, is vulnerable to an insecure object reference vulnerability that allows a Guest user to set the weight of an issue they create. | CVSS3: 7.5 | 0% Низкий | почти 6 лет назад |
| CVE-2018-19581 GitLab EE, versions 8.3 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, is vulnerable to an insecure object reference vulnerability that allows a Guest user to set the weight of an issue they create. | CVSS3: 7.5 | 0% Низкий | почти 6 лет назад |
Уязвимостей на страницу