Количество 5 336
Количество 5 336
CVE-2018-19577
Gitlab CE/EE, versions 8.6 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an incorrect access control vulnerability that displays to an unauthorized user the title and namespace of a confidential issue.
CVE-2018-19577
Gitlab CE/EE, versions 8.6 up to 11.x before 11.3.11, 11.4 before 11.4 ...
CVE-2018-19576
GitLab CE/EE, versions 8.6 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an access control issue that allows a Guest user to make changes to or delete their own comments on an issue, after the issue was made Confidential.
CVE-2018-19576
GitLab CE/EE, versions 8.6 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an access control issue that allows a Guest user to make changes to or delete their own comments on an issue, after the issue was made Confidential.
CVE-2018-19576
GitLab CE/EE, versions 8.6 up to 11.x before 11.3.11, 11.4 before 11.4 ...
CVE-2018-19575
GitLab CE/EE, versions 10.1 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an insecure direct object reference issue that allows a user to make comments on a locked issue.
CVE-2018-19575
GitLab CE/EE, versions 10.1 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an insecure direct object reference issue that allows a user to make comments on a locked issue.
CVE-2018-19575
GitLab CE/EE, versions 10.1 up to 11.x before 11.3.11, 11.4 before 11. ...
CVE-2018-19574
GitLab CE/EE, versions 7.6 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an XSS vulnerability in the OAuth authorization page.
CVE-2018-19574
GitLab CE/EE, versions 7.6 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an XSS vulnerability in the OAuth authorization page.
CVE-2018-19574
GitLab CE/EE, versions 7.6 up to 11.x before 11.3.11, 11.4 before 11.4 ...
CVE-2018-19573
GitLab CE/EE, versions 10.3 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an XSS vulnerability in Markdown fields via Mermaid.
CVE-2018-19573
GitLab CE/EE, versions 10.3 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an XSS vulnerability in Markdown fields via Mermaid.
CVE-2018-19573
GitLab CE/EE, versions 10.3 up to 11.x before 11.3.11, 11.4 before 11. ...
CVE-2018-19572
GitLab CE 8.17 and later and EE 8.3 and later have a symlink time-of-check-to-time-of-use race condition that would allow unauthorized access to files in the GitLab Pages chroot environment. This is fixed in versions 11.5.1, 11.4.8, and 11.3.11.
CVE-2018-19572
GitLab CE 8.17 and later and EE 8.3 and later have a symlink time-of-check-to-time-of-use race condition that would allow unauthorized access to files in the GitLab Pages chroot environment. This is fixed in versions 11.5.1, 11.4.8, and 11.3.11.
CVE-2018-19572
GitLab CE 8.17 and later and EE 8.3 and later have a symlink time-of-c ...
CVE-2018-19571
GitLab CE/EE, versions 8.18 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an SSRF vulnerability in webhooks.
CVE-2018-19571
GitLab CE/EE, versions 8.18 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an SSRF vulnerability in webhooks.
CVE-2018-19571
GitLab CE/EE, versions 8.18 up to 11.x before 11.3.11, 11.4 before 11. ...
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2018-19577 Gitlab CE/EE, versions 8.6 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an incorrect access control vulnerability that displays to an unauthorized user the title and namespace of a confidential issue. | CVSS3: 5.3 | 0% Низкий | больше 6 лет назад |
| CVE-2018-19577 Gitlab CE/EE, versions 8.6 up to 11.x before 11.3.11, 11.4 before 11.4 ... | CVSS3: 5.3 | 0% Низкий | больше 6 лет назад |
 | CVE-2018-19576 GitLab CE/EE, versions 8.6 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an access control issue that allows a Guest user to make changes to or delete their own comments on an issue, after the issue was made Confidential. | CVSS3: 8.1 | 0% Низкий | больше 6 лет назад |
| CVE-2018-19576 GitLab CE/EE, versions 8.6 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an access control issue that allows a Guest user to make changes to or delete their own comments on an issue, after the issue was made Confidential. | CVSS3: 8.1 | 0% Низкий | больше 6 лет назад |
| CVE-2018-19576 GitLab CE/EE, versions 8.6 up to 11.x before 11.3.11, 11.4 before 11.4 ... | CVSS3: 8.1 | 0% Низкий | больше 6 лет назад |
| CVE-2018-19575 GitLab CE/EE, versions 10.1 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an insecure direct object reference issue that allows a user to make comments on a locked issue. | CVSS3: 4.3 | 0% Низкий | больше 6 лет назад |
| CVE-2018-19575 GitLab CE/EE, versions 10.1 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an insecure direct object reference issue that allows a user to make comments on a locked issue. | CVSS3: 4.3 | 0% Низкий | больше 6 лет назад |
| CVE-2018-19575 GitLab CE/EE, versions 10.1 up to 11.x before 11.3.11, 11.4 before 11. ... | CVSS3: 4.3 | 0% Низкий | больше 6 лет назад |
| CVE-2018-19574 GitLab CE/EE, versions 7.6 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an XSS vulnerability in the OAuth authorization page. | CVSS3: 5.4 | 0% Низкий | больше 6 лет назад |
| CVE-2018-19574 GitLab CE/EE, versions 7.6 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an XSS vulnerability in the OAuth authorization page. | CVSS3: 5.4 | 0% Низкий | больше 6 лет назад |
| CVE-2018-19574 GitLab CE/EE, versions 7.6 up to 11.x before 11.3.11, 11.4 before 11.4 ... | CVSS3: 5.4 | 0% Низкий | больше 6 лет назад |
| CVE-2018-19573 GitLab CE/EE, versions 10.3 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an XSS vulnerability in Markdown fields via Mermaid. | CVSS3: 5.4 | 0% Низкий | больше 6 лет назад |
| CVE-2018-19573 GitLab CE/EE, versions 10.3 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an XSS vulnerability in Markdown fields via Mermaid. | CVSS3: 5.4 | 0% Низкий | больше 6 лет назад |
| CVE-2018-19573 GitLab CE/EE, versions 10.3 up to 11.x before 11.3.11, 11.4 before 11. ... | CVSS3: 5.4 | 0% Низкий | больше 6 лет назад |
| CVE-2018-19572 GitLab CE 8.17 and later and EE 8.3 and later have a symlink time-of-check-to-time-of-use race condition that would allow unauthorized access to files in the GitLab Pages chroot environment. This is fixed in versions 11.5.1, 11.4.8, and 11.3.11. | CVSS3: 5.9 | 0% Низкий | больше 6 лет назад |
| CVE-2018-19572 GitLab CE 8.17 and later and EE 8.3 and later have a symlink time-of-check-to-time-of-use race condition that would allow unauthorized access to files in the GitLab Pages chroot environment. This is fixed in versions 11.5.1, 11.4.8, and 11.3.11. | CVSS3: 5.9 | 0% Низкий | больше 6 лет назад |
| CVE-2018-19572 GitLab CE 8.17 and later and EE 8.3 and later have a symlink time-of-c ... | CVSS3: 5.9 | 0% Низкий | больше 6 лет назад |
| CVE-2018-19571 GitLab CE/EE, versions 8.18 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an SSRF vulnerability in webhooks. | CVSS3: 7.7 | 35% Средний | больше 6 лет назад |
| CVE-2018-19571 GitLab CE/EE, versions 8.18 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an SSRF vulnerability in webhooks. | CVSS3: 7.7 | 35% Средний | больше 6 лет назад |
| CVE-2018-19571 GitLab CE/EE, versions 8.18 up to 11.x before 11.3.11, 11.4 before 11. ... | CVSS3: 7.7 | 35% Средний | больше 6 лет назад |
Уязвимостей на страницу