| # | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail. | Description |
|---|--------|--------|---------------|-----------------------|--------------|-------------|-------|---------------------|--------|------------|----------------|-------|--------|--------|-------------|
| 1 | CVE-2013-4582 | 829 | | | 2020-01-28 | 2020-02-04 | 4.0 | None | Remote | Low | ??? | Partial | None | None | The (1) create_branch, (2) create_tag, (3) import_project, and (4) fork_project functions in lib/gitlab_projects.rb in GitLab 5.0 before 5.4.2, Community Edition before 6.2.4, Enterprise Edition before 6.2.1 and gitlab-shell before 1.7.8 allow remote authenticated users to include information from local files into the metadata of a Git repository via the web interface. |
| 2 | CVE-2013-7316 | 79 | 1 | XSS | 2014-01-24 | 2018-10-30 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | Cross-site scripting (XSS) vulnerability in GitLab 6.0 and other versions before 6.5.0 allows remote attackers to inject arbitrary web script or HTML via a crafted HTML file, as demonstrated by README.html. |
| 3 | CVE-2014-3456 | 79 | | XSS | 2014-05-13 | 2014-05-14 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | Cross-site scripting (XSS) vulnerability in GitLab Enterprise Edition (EE) 6.6.0 before 6.6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
| 4 | CVE-2014-8540 | 264 | | | 2018-01-05 | 2018-01-18 | 4.0 | None | Remote | Low | ??? | None | Partial | None | The groups API in GitLab 6.x and 7.x before 7.4.3 allows remote authenticated guest users to modify ownership of arbitrary groups by leveraging improper permission checks. |
| 5 | CVE-2016-9086 | 200 | | +Info | 2016-11-03 | 2016-11-29 | 4.0 | None | Remote | Low | ??? | Partial | None | None | GitLab versions 8.9.x and above contain a critical security flaw in the "import/export project" feature of GitLab. Added in GitLab 8.9, this feature allows a user to export and then re-import their projects as tape archive files (tar). All GitLab versions prior to 8.13.0 restricted this feature to administrators only. Starting with version 8.13.0 this feature was made available to all users. This feature did not properly check for symbolic links in user-provided archives and therefore it was possible for an authenticated user to retrieve the contents of any file accessible to the GitLab service account. This included sensitive files such as those that contain secret tokens used by the GitLab service to authenticate users. GitLab CE and EE versions 8.13.0 through 8.13.2, 8.12.0 through 8.12.7, 8.11.0 through 8.11.10, 8.10.0 through 8.10.12, and 8.9.0 through 8.9.11 are affected. |
| 6 | CVE-2017-0882 | 200 | | +Info | 2017-03-28 | 2019-10-09 | 4.0 | None | Remote | Low | ??? | Partial | None | None | Multiple versions of GitLab expose sensitive user credentials when assigning a user to an issue or merge request. A fix was included in versions 8.15.8, 8.16.7, and 8.17.4, which were released on March 20th 2017 at 23:59 UTC. |
| 7 | CVE-2017-0917 | 79 | | XSS | 2018-03-21 | 2019-10-09 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | GitLab Community Edition version 10.2.4 is vulnerable to lack of input validation in the CI job component resulting in persistent cross-site scripting. |
| 8 | CVE-2017-0920 | 863 | | Bypass | 2018-03-22 | 2019-10-03 | 4.0 | None | Remote | Low | ??? | Partial | None | None | GitLab Community and Enterprise Editions before 10.1.6, 10.2.6, and 10.3.4 are vulnerable to an authorization bypass issue in the Projects::MergeRequests::CreationsController component resulting in an attacker being able to see every project name and their respective namespace on a GitLab instance. |
| 9 | CVE-2017-0923 | 79 | | XSS | 2018-03-21 | 2019-10-09 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | GitLab Community Edition version 9.1 is vulnerable to lack of input validation in the IPython notebooks component resulting in persistent cross-site scripting. |
| 10 | CVE-2017-0924 | 79 | | XSS | 2018-03-21 | 2019-10-09 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | GitLab Community Edition version 10.2.4 is vulnerable to lack of input validation in the labels component resulting in persistent cross-site scripting. |
| 11 | CVE-2017-0925 | 319 | | | 2018-03-21 | 2019-10-09 | 4.0 | None | Remote | Low | ??? | Partial | None | None | GitLab Enterprise Edition version 10.1.0 is vulnerable to an insufficiently protected credential issue in the project service integration API endpoint resulting in an information disclosure of a plaintext password. |
| 12 | CVE-2017-0927 | 863 | | | 2018-03-21 | 2019-10-09 | 4.0 | None | Remote | Low | ??? | None | Partial | None | GitLab Community Edition version 10.3 is vulnerable to an improper authorization issue in the deployment keys component resulting in unauthorized use of deployment keys by guest users. |
| 13 | CVE-2017-8778 | 79 | | XSS | 2017-05-04 | 2017-05-15 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | GitLab before 8.14.9, 8.15.x before 8.15.6, and 8.16.x before 8.16.5 has XSS via a SCRIPT element in an issue attachment or avatar that is an SVG document. |
| 14 | CVE-2017-11437 | 732 | | | 2017-08-02 | 2019-10-03 | 4.0 | None | Remote | Low | ??? | Partial | None | None | GitLab Enterprise Edition (EE) before 8.17.7, 9.0.11, 9.1.8, 9.2.8, and 9.3.8 allows an authenticated user with the ability to create a project to use the mirroring feature to potentially read repositories belonging to other users. |
| 15 | CVE-2017-17716 | 295 | | | 2017-12-17 | 2018-01-04 | 4.3 | None | Remote | Medium | Not required | Partial | None | None | GitLab 9.4.x before 9.4.2 does not support LDAP SSL certificate verification, but a verify_certificates LDAP option was mentioned in the 9.4 release announcement. This issue occurred because code was not merged. This is related to use of the omniauth-ldap library and the gitlab_omniauth-ldap gem. |
| 16 | CVE-2018-8801 | 918 | | | 2018-04-25 | 2019-02-27 | 4.0 | None | Remote | Low | ??? | Partial | None | None | GitLab Community and Enterprise Editions version 8.3 up to 10.x before 10.3 are vulnerable to SSRF in the Services and webhooks component. |
| 17 | CVE-2018-9243 | 79 | | XSS | 2018-04-05 | 2019-02-27 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | GitLab Community and Enterprise Editions version 8.4 up to 10.4 are vulnerable to XSS because a lack of input validation in the merge request component leads to cross-site scripting (specifically, filenames in changes tabs of merge requests). This is fixed in 10.6.3, 10.5.7, and 10.4.7. |
| 18 | CVE-2018-9244 | 79 | | XSS | 2018-04-05 | 2019-02-27 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | GitLab Community and Enterprise Editions version 9.2 up to 10.4 are vulnerable to XSS because a lack of input validation in the milestones component leads to cross-site scripting (specifically, data-milestone-id in the milestone dropdown feature). This is fixed in 10.6.3, 10.5.7, and 10.4.7. |
| 19 | CVE-2018-10379 | 79 | | XSS | 2018-05-31 | 2018-06-29 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) before 10.5.8, 10.6.x before 10.6.5, and 10.7.x before 10.7.2. The Move Issue feature contained a persistent XSS vulnerability. |
| 20 | CVE-2018-14604 | 79 | | XSS | 2018-07-27 | 2018-09-18 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | An issue was discovered in GitLab Community and Enterprise Edition before 10.8.7, 11.0.x before 11.0.5, and 11.1.x before 11.1.2. XSS can occur in the tooltip of the job inside the CI/CD pipeline. |
| 21 | CVE-2018-16048 | 862 | | | 2018-10-03 | 2019-10-03 | 4.0 | None | Remote | Low | ??? | None | Partial | None | An issue was discovered in GitLab Community and Enterprise Edition before 11.0.6, 11.1.x before 11.1.5, and 11.2.x before 11.2.2. There is Missing Authorization Control for API Repository Storage. |
| 22 | CVE-2018-16050 | 79 | | XSS | 2018-10-03 | 2018-11-19 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | An issue was discovered in GitLab Community and Enterprise Edition 11.1.x before 11.1.5 and 11.2.x before 11.2.2. There is Persistent XSS in the Merge Request Changes View. |
| 23 | CVE-2018-16051 | 200 | | +Info | 2018-10-03 | 2018-12-04 | 4.0 | None | Remote | Low | ??? | Partial | None | None | An issue was discovered in GitLab Community and Enterprise Edition before 11.0.6, 11.1.x before 11.1.5, and 11.2.x before 11.2.2. There is Orphaned Upload Files Exposure. |
| 24 | CVE-2018-17976 | 200 | | +Info | 2018-12-04 | 2018-12-28 | 4.0 | None | Remote | Low | ??? | Partial | None | None | An issue was discovered in GitLab Community Edition 11.x before 11.1.8, 11.2.x before 11.2.5, and 11.3.x before 11.3.2. There is Information Exposure via Epic change descriptions. |
| 25 | CVE-2018-18640 | 200 | | +Info | 2018-12-04 | 2018-12-27 | 4.0 | None | Remote | Low | ??? | Partial | None | None | An issue was discovered in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. It has Information Exposure Through Browser Caching. |
| 26 | CVE-2018-18642 | 79 | | XSS | 2018-12-04 | 2018-12-21 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | An issue was discovered in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. It has XSS. |
| 27 | CVE-2018-18643 | 79 | | XSS | 2019-04-25 | 2019-04-26 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | GitLab CE & EE 11.2 and later and before 11.5.0-rc12, 11.4.6, and 11.3.10 have Persistent XSS. |
| 28 | CVE-2018-18644 | 200 | | +Info | 2018-12-04 | 2018-12-27 | 4.0 | None | Remote | Low | ??? | Partial | None | None | An issue was discovered in GitLab Community and Enterprise Edition 11.x before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. It allows Information Exposure via a GitLab Prometheus integration. |
| 29 | CVE-2018-18645 | 200 | | +Info | 2018-12-04 | 2018-12-21 | 4.3 | None | Remote | Medium | Not required | Partial | None | None | An issue was discovered in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. It allows for Information Exposure via unsubscribe links in email replies. |
| 30 | CVE-2018-19493 | 79 | | XSS | 2019-07-10 | 2019-07-11 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | An issue was discovered in GitLab Community and Enterprise Edition 11.x before 11.3.11, 11.4.x before 11.4.8, and 11.5.x before 11.5.1. There is a persistent XSS vulnerability in the environment pages due to a lack of input validation and output encoding. |
| 31 | CVE-2018-19494 | 284 | | | 2019-07-10 | 2019-07-11 | 4.0 | None | Remote | Low | ??? | Partial | None | None | An issue was discovered in GitLab Community and Enterprise Edition 11.x before 11.3.11, 11.4.x before 11.4.8, and 11.5.x before 11.5.1. There is an incorrect access vulnerability that allows an unauthorized user to view private group names. |
| 32 | CVE-2018-19495 | 918 | | | 2019-07-10 | 2019-07-11 | 4.0 | None | Remote | Low | ??? | Partial | None | None | An issue was discovered in GitLab Community and Enterprise Edition before 11.3.11, 11.4.x before 11.4.8, and 11.5.x before 11.5.1. There is an SSRF vulnerability in the Prometheus integration. |
| 33 | CVE-2018-19496 | 284 | | | 2019-07-10 | 2019-07-11 | 4.0 | None | Remote | Low | ??? | None | Partial | None | An issue was discovered in GitLab Community and Enterprise Edition 10.x and 11.x before 11.3.11, 11.4.x before 11.4.8, and 11.5.x before 11.5.1. There is an incorrect access control vulnerability that permits a user with insufficient privileges to promote a project milestone to a group milestone. |
| 34 | CVE-2018-19571 | 918 | | | 2019-07-10 | 2020-12-24 | 4.0 | None | Remote | Low | ??? | Partial | None | None | GitLab CE/EE, versions 8.18 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an SSRF vulnerability in webhooks. |
| 35 | CVE-2018-19572 | 362 | | | 2019-07-10 | 2019-07-11 | 4.3 | None | Remote | Medium | Not required | Partial | None | None | GitLab CE 8.17 and later and EE 8.3 and later have a symlink time-of-check-to-time-of-use race condition that would allow unauthorized access to files in the GitLab Pages chroot environment. This is fixed in versions 11.5.1, 11.4.8, and 11.3.11. |
| 36 | CVE-2018-19575 | 639 | | | 2019-07-10 | 2020-08-24 | 4.0 | None | Remote | Low | ??? | None | Partial | None | GitLab CE/EE, versions 10.1 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an insecure direct object reference issue that allows a user to make comments on a locked issue. |
| 37 | CVE-2018-19578 | 285 | | | 2019-07-10 | 2019-07-11 | 4.0 | None | Remote | Low | ??? | Partial | None | None | GitLab EE, version 11.5 before 11.5.1, is vulnerable to an insecure object reference issue that permits a user with Reporter privileges to view the Jaeger Tracing Operations page. |
| 38 | CVE-2018-19582 | 639 | | | 2019-07-10 | 2020-08-24 | 4.0 | None | Remote | Low | ??? | Partial | None | None | GitLab EE, versions 11.4 before 11.4.8 and 11.5 before 11.5.1, is affected by an insecure direct object reference vulnerability that permits an unauthorized user to publish the draft merge request comments of another user. |
| 39 | CVE-2018-19583 | 532 | | | 2019-07-10 | 2019-07-16 | 4.0 | None | Remote | Low | ??? | Partial | None | None | GitLab CE/EE, versions 8.0 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, would log access tokens in the Workhorse logs, permitting administrators with access to the logs to see another user's token. |
| 40 | CVE-2018-20488 | 200 | | +Info | 2019-12-30 | 2020-01-08 | 4.0 | None | Remote | Low | ??? | Partial | None | None | An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It allows Information Exposure. |
| 41 | CVE-2018-20493 | 863 | | | 2019-12-30 | 2020-01-07 | 4.0 | None | Remote | Low | ??? | Partial | None | None | An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It has Incorrect Access Control. |
| 42 | CVE-2018-20497 | 918 | | | 2019-12-30 | 2020-01-08 | 4.0 | None | Remote | Low | ??? | Partial | None | None | An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It allows SSRF. |
| 43 | CVE-2018-20498 | 863 | | | 2019-12-30 | 2020-01-08 | 4.0 | None | Remote | Low | ??? | Partial | None | None | An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It has Incorrect Access Control. |
| 44 | CVE-2019-5461 | 20 | | | 2019-09-09 | 2021-11-03 | 4.0 | None | Remote | Low | ??? | None | Partial | None | An input validation problem was discovered in the GitHub service integration which could result in an attacker being able to make arbitrary POST requests in a GitLab instance's internal network. This vulnerability was addressed in 12.1.2, 12.0.4, and 11.11.6. |
| 45 | CVE-2019-5465 | | | | 2020-01-28 | 2020-10-20 | 4.0 | None | Remote | Low | ??? | Partial | None | None | An information disclosure issue was discovered in GitLab CE/EE 8.14 and later, by using the move issue feature, which could result in disclosure of the newly created issue ID. |
| 46 | CVE-2019-5466 | 639 | | | 2020-01-28 | 2020-10-20 | 4.0 | None | Remote | Low | ??? | Partial | None | None | An IDOR was discovered in GitLab CE/EE 11.5 and later that allowed the new merge requests endpoint to disclose label names. |
| 47 | CVE-2019-5474 | 863 | | | 2020-01-28 | 2020-10-19 | 4.0 | None | Remote | Low | ??? | None | Partial | None | An authorization issue was discovered in GitLab EE < 12.1.2, < 12.0.4, and < 11.11.6 allowing the merge request approval rules to be overridden without appropriate permissions. |
| 48 | CVE-2019-6784 | 79 | | XSS | 2019-09-09 | 2019-09-10 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | An issue was discovered in GitLab Community and Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. It allows XSS (issue 1 of 2). Markdown fields contain a lack of input validation and output encoding when processing KaTeX that results in a persistent XSS. |
| 49 | CVE-2019-6785 | | | DoS | 2019-09-09 | 2020-08-24 | 4.0 | None | Remote | Low | ??? | None | None | Partial | An issue was discovered in GitLab Community and Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. It allows Denial of Service. Inputting an overly long string into a Markdown field could cause a denial of service. |
| 50 | CVE-2019-6786 | | | | 2019-09-09 | 2020-08-24 | 4.0 | None | Remote | Low | ??? | Partial | None | None | An issue was discovered in GitLab Community and Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. It has Incorrect Access Control (issue 1 of 3). The contents of an LFS object can be accessed by an unauthorized user, if the file size and OID are known. |