CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Gitlab » Gitlab : Security Vulnerabilities (CVSS score between 4 and 4.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2013-4582 829 2020-01-28 2020-02-04
4.0
None Remote Low ??? Partial None None
The (1) create_branch, (2) create_tag, (3) import_project, and (4) fork_project functions in lib/gitlab_projects.rb in GitLab 5.0 before 5.4.2, Community Edition before 6.2.4, Enterprise Edition before 6.2.1 and gitlab-shell before 1.7.8 allows remote authenticated users to include information from local files into the metadata of a Git repository via the web interface.
2 CVE-2013-7316 79 1 XSS 2014-01-24 2018-10-30
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in GitLab 6.0 and other versions before 6.5.0 allows remote attackers to inject arbitrary web script or HTML via a crafted HTML file, as demonstrated by README.html.
3 CVE-2014-3456 79 XSS 2014-05-13 2014-05-14
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in GitLab Enterprise Edition (EE) 6.6.0 before 6.6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
4 CVE-2014-8540 264 2018-01-05 2018-01-18
4.0
None Remote Low ??? None Partial None
The groups API in GitLab 6.x and 7.x before 7.4.3 allows remote authenticated guest users to modify ownership of arbitrary groups by leveraging improper permission checks.
5 CVE-2016-9086 200 +Info 2016-11-03 2016-11-29
4.0
None Remote Low ??? Partial None None
GitLab versions 8.9.x and above contain a critical security flaw in the "import/export project" feature of GitLab. Added in GitLab 8.9, this feature allows a user to export and then re-import their projects as tape archive files (tar). All GitLab versions prior to 8.13.0 restricted this feature to administrators only. Starting with version 8.13.0 this feature was made available to all users. This feature did not properly check for symbolic links in user-provided archives and therefore it was possible for an authenticated user to retrieve the contents of any file accessible to the GitLab service account. This included sensitive files such as those that contain secret tokens used by the GitLab service to authenticate users. GitLab CE and EE versions 8.13.0 through 8.13.2, 8.12.0 through 8.12.7, 8.11.0 through 8.11.10, 8.10.0 through 8.10.12, and 8.9.0 through 8.9.11 are affected.
6 CVE-2017-0882 200 +Info 2017-03-28 2019-10-09
4.0
None Remote Low ??? Partial None None
Multiple versions of GitLab expose sensitive user credentials when assigning a user to an issue or merge request. A fix was included in versions 8.15.8, 8.16.7, and 8.17.4, which were released on March 20th 2017 at 23:59 UTC.
7 CVE-2017-0917 79 XSS 2018-03-21 2019-10-09
4.3
None Remote Medium Not required None Partial None
Gitlab Community Edition version 10.2.4 is vulnerable to lack of input validation in the CI job component resulting in persistent cross site scripting.
8 CVE-2017-0920 863 Bypass 2018-03-22 2019-10-03
4.0
None Remote Low ??? Partial None None
GitLab Community and Enterprise Editions before 10.1.6, 10.2.6, and 10.3.4 are vulnerable to an authorization bypass issue in the Projects::MergeRequests::CreationsController component resulting in an attacker to see every project name and their respective namespace on a GitLab instance.
9 CVE-2017-0923 79 XSS 2018-03-21 2019-10-09
4.3
None Remote Medium Not required None Partial None
Gitlab Community Edition version 9.1 is vulnerable to lack of input validation in the IPython notebooks component resulting in persistent cross site scripting.
10 CVE-2017-0924 79 XSS 2018-03-21 2019-10-09
4.3
None Remote Medium Not required None Partial None
Gitlab Community Edition version 10.2.4 is vulnerable to lack of input validation in the labels component resulting in persistent cross site scripting.
11 CVE-2017-0925 319 2018-03-21 2019-10-09
4.0
None Remote Low ??? Partial None None
Gitlab Enterprise Edition version 10.1.0 is vulnerable to an insufficiently protected credential issue in the project service integration API endpoint resulting in an information disclosure of plaintext password.
12 CVE-2017-0927 863 2018-03-21 2019-10-09
4.0
None Remote Low ??? None Partial None
Gitlab Community Edition version 10.3 is vulnerable to an improper authorization issue in the deployment keys component resulting in unauthorized use of deployment keys by guest users.
13 CVE-2017-8778 79 XSS 2017-05-04 2017-05-15
4.3
None Remote Medium Not required None Partial None
GitLab before 8.14.9, 8.15.x before 8.15.6, and 8.16.x before 8.16.5 has XSS via a SCRIPT element in an issue attachment or avatar that is an SVG document.
14 CVE-2017-11437 732 2017-08-02 2019-10-03
4.0
None Remote Low ??? Partial None None
GitLab Enterprise Edition (EE) before 8.17.7, 9.0.11, 9.1.8, 9.2.8, and 9.3.8 allows an authenticated user with the ability to create a project to use the mirroring feature to potentially read repositories belonging to other users.
15 CVE-2017-17716 295 2017-12-17 2018-01-04
4.3
None Remote Medium Not required Partial None None
GitLab 9.4.x before 9.4.2 does not support LDAP SSL certificate verification, but a verify_certificates LDAP option was mentioned in the 9.4 release announcement. This issue occurred because code was not merged. This is related to use of the omniauth-ldap library and the gitlab_omniauth-ldap gem.
16 CVE-2018-8801 918 2018-04-25 2019-02-27
4.0
None Remote Low ??? Partial None None
GitLab Community and Enterprise Editions version 8.3 up to 10.x before 10.3 are vulnerable to SSRF in the Services and webhooks component.
17 CVE-2018-9243 79 XSS 2018-04-05 2019-02-27
4.3
None Remote Medium Not required None Partial None
GitLab Community and Enterprise Editions version 8.4 up to 10.4 are vulnerable to XSS because a lack of input validation in the merge request component leads to cross site scripting (specifically, filenames in changes tabs of merge requests). This is fixed in 10.6.3, 10.5.7, and 10.4.7.
18 CVE-2018-9244 79 XSS 2018-04-05 2019-02-27
4.3
None Remote Medium Not required None Partial None
GitLab Community and Enterprise Editions version 9.2 up to 10.4 are vulnerable to XSS because a lack of input validation in the milestones component leads to cross site scripting (specifically, data-milestone-id in the milestone dropdown feature). This is fixed in 10.6.3, 10.5.7, and 10.4.7.
19 CVE-2018-10379 79 XSS 2018-05-31 2018-06-29
4.3
None Remote Medium Not required None Partial None
An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) before 10.5.8, 10.6.x before 10.6.5, and 10.7.x before 10.7.2. The Move Issue feature contained a persistent XSS vulnerability.
20 CVE-2018-14604 79 XSS 2018-07-27 2018-09-18
4.3
None Remote Medium Not required None Partial None
An issue was discovered in GitLab Community and Enterprise Edition before 10.8.7, 11.0.x before 11.0.5, and 11.1.x before 11.1.2. XSS can occur in the tooltip of the job inside the CI/CD pipeline.
21 CVE-2018-16048 862 2018-10-03 2019-10-03
4.0
None Remote Low ??? None Partial None
An issue was discovered in GitLab Community and Enterprise Edition before 11.0.6, 11.1.x before 11.1.5, and 11.2.x before 11.2.2. There is Missing Authorization Control for API Repository Storage.
22 CVE-2018-16050 79 XSS 2018-10-03 2018-11-19
4.3
None Remote Medium Not required None Partial None
An issue was discovered in GitLab Community and Enterprise Edition 11.1.x before 11.1.5 and 11.2.x before 11.2.2. There is Persistent XSS in the Merge Request Changes View.
23 CVE-2018-16051 200 +Info 2018-10-03 2018-12-04
4.0
None Remote Low ??? Partial None None
An issue was discovered in GitLab Community and Enterprise Edition before 11.0.6, 11.1.x before 11.1.5, and 11.2.x before 11.2.2. There is Orphaned Upload Files Exposure.
24 CVE-2018-17976 200 +Info 2018-12-04 2018-12-28
4.0
None Remote Low ??? Partial None None
An issue was discovered in GitLab Community Edition 11.x before 11.1.8, 11.2.x before 11.2.5, and 11.3.x before 11.3.2. There is Information Exposure via Epic change descriptions.
25 CVE-2018-18640 200 +Info 2018-12-04 2018-12-27
4.0
None Remote Low ??? Partial None None
An issue was discovered in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. It has Information Exposure Through Browser Caching.
26 CVE-2018-18642 79 XSS 2018-12-04 2018-12-21
4.3
None Remote Medium Not required None Partial None
An issue was discovered in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. It has XSS.
27 CVE-2018-18643 79 XSS 2019-04-25 2019-04-26
4.3
None Remote Medium Not required None Partial None
GitLab CE & EE 11.2 and later and before 11.5.0-rc12, 11.4.6, and 11.3.10 have Persistent XSS.
28 CVE-2018-18644 200 +Info 2018-12-04 2018-12-27
4.0
None Remote Low ??? Partial None None
An issue was discovered in GitLab Community and Enterprise Edition 11.x before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. It allows Information Exposure via a Gitlab Prometheus integration.
29 CVE-2018-18645 200 +Info 2018-12-04 2018-12-21
4.3
None Remote Medium Not required Partial None None
An issue was discovered in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. It allows for Information Exposure via unsubscribe links in email replies.
30 CVE-2018-19493 79 XSS 2019-07-10 2019-07-11
4.3
None Remote Medium Not required None Partial None
An issue was discovered in GitLab Community and Enterprise Edition 11.x before 11.3.11, 11.4.x before 11.4.8, and 11.5.x before 11.5.1. There is a persistent XSS vulnerability in the environment pages due to a lack of input validation and output encoding.
31 CVE-2018-19494 284 2019-07-10 2019-07-11
4.0
None Remote Low ??? Partial None None
An issue was discovered in GitLab Community and Enterprise Edition 11.x before 11.3.11, 11.4.x before 11.4.8, and 11.5.x before 11.5.1. There is an incorrect access vulnerability that allows an unauthorized user to view private group names.
32 CVE-2018-19495 918 2019-07-10 2019-07-11
4.0
None Remote Low ??? Partial None None
An issue was discovered in GitLab Community and Enterprise Edition before 11.3.11, 11.4.x before 11.4.8, and 11.5.x before 11.5.1. There is an SSRF vulnerability in the Prometheus integration.
33 CVE-2018-19496 284 2019-07-10 2019-07-11
4.0
None Remote Low ??? None Partial None
An issue was discovered in GitLab Community and Enterprise Edition 10.x and 11.x before 11.3.11, 11.4.x before 11.4.8, and 11.5.x before 11.5.1. There is an incorrect access control vulnerability that permits a user with insufficient privileges to promote a project milestone to a group milestone.
34 CVE-2018-19571 918 2019-07-10 2020-12-24
4.0
None Remote Low ??? Partial None None
GitLab CE/EE, versions 8.18 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an SSRF vulnerability in webhooks.
35 CVE-2018-19572 362 2019-07-10 2019-07-11
4.3
None Remote Medium Not required Partial None None
GitLab CE 8.17 and later and EE 8.3 and later have a symlink time-of-check-to-time-of-use race condition that would allow unauthorized access to files in the GitLab Pages chroot environment. This is fixed in versions 11.5.1, 11.4.8, and 11.3.11.
36 CVE-2018-19575 639 2019-07-10 2020-08-24
4.0
None Remote Low ??? None Partial None
GitLab CE/EE, versions 10.1 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an insecure direct object reference issue that allows a user to make comments on a locked issue.
37 CVE-2018-19578 285 2019-07-10 2019-07-11
4.0
None Remote Low ??? Partial None None
GitLab EE, version 11.5 before 11.5.1, is vulnerable to an insecure object reference issue that permits a user with Reporter privileges to view the Jaeger Tracing Operations page.
38 CVE-2018-19582 639 2019-07-10 2020-08-24
4.0
None Remote Low ??? Partial None None
GitLab EE, versions 11.4 before 11.4.8 and 11.5 before 11.5.1, is affected by an insecure direct object reference vulnerability that permits an unauthorized user to publish the draft merge request comments of another user.
39 CVE-2018-19583 532 2019-07-10 2019-07-16
4.0
None Remote Low ??? Partial None None
GitLab CE/EE, versions 8.0 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, would log access tokens in the Workhorse logs, permitting administrators with access to the logs to see another user's token.
40 CVE-2018-20488 200 +Info 2019-12-30 2020-01-08
4.0
None Remote Low ??? Partial None None
An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It allows Information Exposure.
41 CVE-2018-20493 863 2019-12-30 2020-01-07
4.0
None Remote Low ??? Partial None None
An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It has Incorrect Access Control.
42 CVE-2018-20497 918 2019-12-30 2020-01-08
4.0
None Remote Low ??? Partial None None
An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It allows SSRF.
43 CVE-2018-20498 863 2019-12-30 2020-01-08
4.0
None Remote Low ??? Partial None None
An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It has Incorrect Access Control.
44 CVE-2019-5461 20 2019-09-09 2021-11-03
4.0
None Remote Low ??? None Partial None
An input validation problem was discovered in the GitHub service integration which could result in an attacker being able to make arbitrary POST requests in a GitLab instance's internal network. This vulnerability was addressed in 12.1.2, 12.0.4, and 11.11.6.
45 CVE-2019-5465 2020-01-28 2020-10-20
4.0
None Remote Low ??? Partial None None
An information disclosure issue was discovered in GitLab CE/EE 8.14 and later, by using the move issue feature which could result in disclosure of the newly created issue ID.
46 CVE-2019-5466 639 2020-01-28 2020-10-20
4.0
None Remote Low ??? Partial None None
An IDOR was discovered in GitLab CE/EE 11.5 and later that allowed new merge requests endpoint to disclose label names.
47 CVE-2019-5474 863 2020-01-28 2020-10-19
4.0
None Remote Low ??? None Partial None
An authorization issue was discovered in GitLab EE < 12.1.2, < 12.0.4, and < 11.11.6 allowing the merge request approval rules to be overridden without appropriate permissions.
48 CVE-2019-6784 79 XSS 2019-09-09 2019-09-10
4.3
None Remote Medium Not required None Partial None
An issue was discovered in GitLab Community and Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. It allows XSS (issue 1 of 2). Markdown fields contain a lack of input validation and output encoding when processing KaTeX that results in a persistent XSS.
49 CVE-2019-6785 DoS 2019-09-09 2020-08-24
4.0
None Remote Low ??? None None Partial
An issue was discovered in GitLab Community and Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. It allows Denial of Service. Inputting an overly long string into a Markdown field could cause a denial of service.
50 CVE-2019-6786 2019-09-09 2020-08-24
4.0
None Remote Low ??? Partial None None
An issue was discovered in GitLab Community and Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. It has Incorrect Access Control (issue 1 of 3). The contents of an LFS object can be accessed by an unauthorized user, if the file size and OID are known.
Total number of vulnerabilities : 306   Page : 1 (This Page)2 3 4 5 6 7
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.