Количество 5 336
Количество 5 336
CVE-2019-15591
An improper access control vulnerability exists in GitLab <12.3.3 that ...
CVE-2019-15590
An access control issue exists in < 12.3.5, < 12.2.8, and < 12.1.14 for GitLab Community Edition (CE) and Enterprise Edition (EE) where private merge requests and issues would be disclosed with the Group Search feature provided by Elasticsearch integration
CVE-2019-15590
An access control issue exists in < 12.3.5, < 12.2.8, and < 12.1.14 for GitLab Community Edition (CE) and Enterprise Edition (EE) where private merge requests and issues would be disclosed with the Group Search feature provided by Elasticsearch integration
CVE-2019-15590
An access control issue exists in < 12.3.5, < 12.2.8, and < 12.1.14 fo ...
CVE-2019-15589
An improper access control vulnerability exists in Gitlab <v12.3.2, <v12.2.6, <v12.1.12 which would allow a blocked user would be able to use GIT clone and pull if he had obtained a CI/CD token before.
CVE-2019-15589
An improper access control vulnerability exists in Gitlab <v12.3.2, <v12.2.6, <v12.1.12 which would allow a blocked user would be able to use GIT clone and pull if he had obtained a CI/CD token before.
CVE-2019-15589
An improper access control vulnerability exists in Gitlab <v12.3.2, <v ...
CVE-2019-15586
A XSS exists in Gitlab CE/EE < 12.1.10 in the Mermaid plugin.
CVE-2019-15586
A XSS exists in Gitlab CE/EE < 12.1.10 in the Mermaid plugin.
CVE-2019-15586
A XSS exists in Gitlab CE/EE < 12.1.10 in the Mermaid plugin.
CVE-2019-15585
Improper authentication exists in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE) in the GitLab SAML integration had a validation issue that permitted an attacker to takeover another user's account.
CVE-2019-15585
Improper authentication exists in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE) in the GitLab SAML integration had a validation issue that permitted an attacker to takeover another user's account.
CVE-2019-15585
Improper authentication exists in < 12.3.2, < 12.2.6, and < 12.1.12 fo ...
CVE-2019-15584
A denial of service exists in gitlab <v12.3.2, <v12.2.6, and <v12.1.10 that would let an attacker bypass input validation in markdown fields take down the affected page.
CVE-2019-15584
A denial of service exists in gitlab <v12.3.2, <v12.2.6, and <v12.1.10 that would let an attacker bypass input validation in markdown fields take down the affected page.
CVE-2019-15584
A denial of service exists in gitlab <v12.3.2, <v12.2.6, and <v12.1.10 ...
CVE-2019-15583
An information disclosure exists in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE). When an issue was moved to a public project from a private one, the associated private labels and the private project namespace would be disclosed through the GitLab API.
CVE-2019-15583
An information disclosure exists in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE). When an issue was moved to a public project from a private one, the associated private labels and the private project namespace would be disclosed through the GitLab API.
CVE-2019-15583
An information disclosure exists in < 12.3.2, < 12.2.6, and < 12.1.12 ...
CVE-2019-15582
An IDOR was discovered in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE) that allowed a maintainer to add any private group to a protected environment.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| CVE-2019-15591 An improper access control vulnerability exists in GitLab <12.3.3 that ... | CVSS3: 6.5 | 0% Низкий | около 6 лет назад |
 | CVE-2019-15590 An access control issue exists in < 12.3.5, < 12.2.8, and < 12.1.14 for GitLab Community Edition (CE) and Enterprise Edition (EE) where private merge requests and issues would be disclosed with the Group Search feature provided by Elasticsearch integration | CVSS3: 7.5 | 0% Низкий | около 6 лет назад |
 | CVE-2019-15590 An access control issue exists in < 12.3.5, < 12.2.8, and < 12.1.14 for GitLab Community Edition (CE) and Enterprise Edition (EE) where private merge requests and issues would be disclosed with the Group Search feature provided by Elasticsearch integration | CVSS3: 7.5 | 0% Низкий | около 6 лет назад |
| CVE-2019-15590 An access control issue exists in < 12.3.5, < 12.2.8, and < 12.1.14 fo ... | CVSS3: 7.5 | 0% Низкий | около 6 лет назад |
| CVE-2019-15589 An improper access control vulnerability exists in Gitlab <v12.3.2, <v12.2.6, <v12.1.12 which would allow a blocked user would be able to use GIT clone and pull if he had obtained a CI/CD token before. | CVSS3: 8.8 | 0% Низкий | около 6 лет назад |
| CVE-2019-15589 An improper access control vulnerability exists in Gitlab <v12.3.2, <v12.2.6, <v12.1.12 which would allow a blocked user would be able to use GIT clone and pull if he had obtained a CI/CD token before. | CVSS3: 8.8 | 0% Низкий | около 6 лет назад |
| CVE-2019-15589 An improper access control vulnerability exists in Gitlab <v12.3.2, <v ... | CVSS3: 8.8 | 0% Низкий | около 6 лет назад |
| CVE-2019-15586 A XSS exists in Gitlab CE/EE < 12.1.10 in the Mermaid plugin. | CVSS3: 6.1 | 0% Низкий | около 6 лет назад |
| CVE-2019-15586 A XSS exists in Gitlab CE/EE < 12.1.10 in the Mermaid plugin. | CVSS3: 6.1 | 0% Низкий | около 6 лет назад |
| CVE-2019-15586 A XSS exists in Gitlab CE/EE < 12.1.10 in the Mermaid plugin. | CVSS3: 6.1 | 0% Низкий | около 6 лет назад |
| CVE-2019-15585 Improper authentication exists in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE) in the GitLab SAML integration had a validation issue that permitted an attacker to takeover another user's account. | CVSS3: 9.8 | 0% Низкий | около 6 лет назад |
| CVE-2019-15585 Improper authentication exists in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE) in the GitLab SAML integration had a validation issue that permitted an attacker to takeover another user's account. | CVSS3: 9.8 | 0% Низкий | около 6 лет назад |
| CVE-2019-15585 Improper authentication exists in < 12.3.2, < 12.2.6, and < 12.1.12 fo ... | CVSS3: 9.8 | 0% Низкий | около 6 лет назад |
| CVE-2019-15584 A denial of service exists in gitlab <v12.3.2, <v12.2.6, and <v12.1.10 that would let an attacker bypass input validation in markdown fields take down the affected page. | CVSS3: 6.5 | 0% Низкий | около 6 лет назад |
| CVE-2019-15584 A denial of service exists in gitlab <v12.3.2, <v12.2.6, and <v12.1.10 that would let an attacker bypass input validation in markdown fields take down the affected page. | CVSS3: 6.5 | 0% Низкий | около 6 лет назад |
| CVE-2019-15584 A denial of service exists in gitlab <v12.3.2, <v12.2.6, and <v12.1.10 ... | CVSS3: 6.5 | 0% Низкий | около 6 лет назад |
| CVE-2019-15583 An information disclosure exists in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE). When an issue was moved to a public project from a private one, the associated private labels and the private project namespace would be disclosed through the GitLab API. | CVSS3: 7.5 | 0% Низкий | около 6 лет назад |
| CVE-2019-15583 An information disclosure exists in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE). When an issue was moved to a public project from a private one, the associated private labels and the private project namespace would be disclosed through the GitLab API. | CVSS3: 7.5 | 0% Низкий | около 6 лет назад |
| CVE-2019-15583 An information disclosure exists in < 12.3.2, < 12.2.6, and < 12.1.12 ... | CVSS3: 7.5 | 0% Низкий | около 6 лет назад |
| CVE-2019-15582 An IDOR was discovered in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE) that allowed a maintainer to add any private group to a protected environment. | CVSS3: 5.3 | 0% Низкий | около 6 лет назад |
Уязвимостей на страницу