Количество 5 501
Количество 5 501
CVE-2018-19585
GitLab CE/EE versions 8.18 up to 11.x before 11.3.11, 11.4.x before 11.4.8, and 11.5.x before 11.5.1 have CRLF Injection in Project Mirroring when using the Git protocol.
CVE-2018-19585
GitLab CE/EE versions 8.18 up to 11.x before 11.3.11, 11.4.x before 11.4.8, and 11.5.x before 11.5.1 have CRLF Injection in Project Mirroring when using the Git protocol.
CVE-2018-19585
GitLab CE/EE versions 8.18 up to 11.x before 11.3.11, 11.4.x before 11 ...
CVE-2018-19584
GitLab EE, versions 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, is vulnerable to an insecure direct object reference vulnerability that allows authenticated, but unauthorized, users to view members and milestone details of private groups.
CVE-2018-19584
GitLab EE, versions 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, is vulnerable to an insecure direct object reference vulnerability that allows authenticated, but unauthorized, users to view members and milestone details of private groups.
CVE-2018-19584
GitLab EE, versions 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 ...
CVE-2018-19583
GitLab CE/EE, versions 8.0 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, would log access tokens in the Workhorse logs, permitting administrators with access to the logs to see another user's token.
CVE-2018-19583
GitLab CE/EE, versions 8.0 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, would log access tokens in the Workhorse logs, permitting administrators with access to the logs to see another user's token.
CVE-2018-19583
GitLab CE/EE, versions 8.0 up to 11.x before 11.3.11, 11.4 before 11.4 ...
CVE-2018-19582
GitLab EE, versions 11.4 before 11.4.8 and 11.5 before 11.5.1, is affected by an insecure direct object reference vulnerability that permits an unauthorized user to publish the draft merge request comments of another user.
CVE-2018-19582
GitLab EE, versions 11.4 before 11.4.8 and 11.5 before 11.5.1, is affected by an insecure direct object reference vulnerability that permits an unauthorized user to publish the draft merge request comments of another user.
CVE-2018-19582
GitLab EE, versions 11.4 before 11.4.8 and 11.5 before 11.5.1, is affe ...
CVE-2018-19581
GitLab EE, versions 8.3 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, is vulnerable to an insecure object reference vulnerability that allows a Guest user to set the weight of an issue they create.
CVE-2018-19581
GitLab EE, versions 8.3 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, is vulnerable to an insecure object reference vulnerability that allows a Guest user to set the weight of an issue they create.
CVE-2018-19581
GitLab EE, versions 8.3 up to 11.x before 11.3.11, 11.4 before 11.4.8, ...
CVE-2018-19580
All versions of GitLab prior to 11.5.1, 11.4.8, and 11.3.11 do not send an email to the old email address when an email address change is made.
CVE-2018-19580
All versions of GitLab prior to 11.5.1, 11.4.8, and 11.3.11 do not send an email to the old email address when an email address change is made.
CVE-2018-19580
All versions of GitLab prior to 11.5.1, 11.4.8, and 11.3.11 do not sen ...
CVE-2018-19579
GitLab EE version 11.5 is vulnerable to a persistent XSS vulnerability in the Operations page. This is fixed in 11.5.1.
CVE-2018-19579
GitLab EE version 11.5 is vulnerable to a persistent XSS vulnerability in the Operations page. This is fixed in 11.5.1.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2018-19585 GitLab CE/EE versions 8.18 up to 11.x before 11.3.11, 11.4.x before 11.4.8, and 11.5.x before 11.5.1 have CRLF Injection in Project Mirroring when using the Git protocol. | CVSS3: 7.5 | 12% Средний | почти 7 лет назад |
 | CVE-2018-19585 GitLab CE/EE versions 8.18 up to 11.x before 11.3.11, 11.4.x before 11.4.8, and 11.5.x before 11.5.1 have CRLF Injection in Project Mirroring when using the Git protocol. | CVSS3: 7.5 | 12% Средний | почти 7 лет назад |
| CVE-2018-19585 GitLab CE/EE versions 8.18 up to 11.x before 11.3.11, 11.4.x before 11 ... | CVSS3: 7.5 | 12% Средний | почти 7 лет назад |
| CVE-2018-19584 GitLab EE, versions 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, is vulnerable to an insecure direct object reference vulnerability that allows authenticated, but unauthorized, users to view members and milestone details of private groups. | CVSS3: 7.5 | 0% Низкий | больше 6 лет назад |
| CVE-2018-19584 GitLab EE, versions 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, is vulnerable to an insecure direct object reference vulnerability that allows authenticated, but unauthorized, users to view members and milestone details of private groups. | CVSS3: 7.5 | 0% Низкий | больше 6 лет назад |
| CVE-2018-19584 GitLab EE, versions 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 ... | CVSS3: 7.5 | 0% Низкий | больше 6 лет назад |
| CVE-2018-19583 GitLab CE/EE, versions 8.0 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, would log access tokens in the Workhorse logs, permitting administrators with access to the logs to see another user's token. | CVSS3: 6.5 | 0% Низкий | больше 6 лет назад |
| CVE-2018-19583 GitLab CE/EE, versions 8.0 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, would log access tokens in the Workhorse logs, permitting administrators with access to the logs to see another user's token. | CVSS3: 6.5 | 0% Низкий | больше 6 лет назад |
| CVE-2018-19583 GitLab CE/EE, versions 8.0 up to 11.x before 11.3.11, 11.4 before 11.4 ... | CVSS3: 6.5 | 0% Низкий | больше 6 лет назад |
| CVE-2018-19582 GitLab EE, versions 11.4 before 11.4.8 and 11.5 before 11.5.1, is affected by an insecure direct object reference vulnerability that permits an unauthorized user to publish the draft merge request comments of another user. | CVSS3: 4.3 | 0% Низкий | больше 6 лет назад |
| CVE-2018-19582 GitLab EE, versions 11.4 before 11.4.8 and 11.5 before 11.5.1, is affected by an insecure direct object reference vulnerability that permits an unauthorized user to publish the draft merge request comments of another user. | CVSS3: 4.3 | 0% Низкий | больше 6 лет назад |
| CVE-2018-19582 GitLab EE, versions 11.4 before 11.4.8 and 11.5 before 11.5.1, is affe ... | CVSS3: 4.3 | 0% Низкий | больше 6 лет назад |
| CVE-2018-19581 GitLab EE, versions 8.3 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, is vulnerable to an insecure object reference vulnerability that allows a Guest user to set the weight of an issue they create. | CVSS3: 7.5 | 0% Низкий | больше 6 лет назад |
| CVE-2018-19581 GitLab EE, versions 8.3 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, is vulnerable to an insecure object reference vulnerability that allows a Guest user to set the weight of an issue they create. | CVSS3: 7.5 | 0% Низкий | больше 6 лет назад |
| CVE-2018-19581 GitLab EE, versions 8.3 up to 11.x before 11.3.11, 11.4 before 11.4.8, ... | CVSS3: 7.5 | 0% Низкий | больше 6 лет назад |
| CVE-2018-19580 All versions of GitLab prior to 11.5.1, 11.4.8, and 11.3.11 do not send an email to the old email address when an email address change is made. | CVSS3: 5.3 | 0% Низкий | больше 6 лет назад |
| CVE-2018-19580 All versions of GitLab prior to 11.5.1, 11.4.8, and 11.3.11 do not send an email to the old email address when an email address change is made. | CVSS3: 5.3 | 0% Низкий | больше 6 лет назад |
| CVE-2018-19580 All versions of GitLab prior to 11.5.1, 11.4.8, and 11.3.11 do not sen ... | CVSS3: 5.3 | 0% Низкий | больше 6 лет назад |
| CVE-2018-19579 GitLab EE version 11.5 is vulnerable to a persistent XSS vulnerability in the Operations page. This is fixed in 11.5.1. | CVSS3: 5.4 | 0% Низкий | больше 6 лет назад |
| CVE-2018-19579 GitLab EE version 11.5 is vulnerable to a persistent XSS vulnerability in the Operations page. This is fixed in 11.5.1. | CVSS3: 5.4 | 0% Низкий | больше 6 лет назад |
Уязвимостей на страницу