Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
CVE-2019-7176 vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2019-7155
An issue exists in GitLab Community and Enterprise Edition 9.x, 10.x, and 11.x prior to 11.5.8, 11.6.x prior to 11.6.6, and 11.7.x prior to 11.7.1. It has Incorrect Access Control. A user retains their role within a project in a private group after being removed from the group, i...
Gitlab Gitlab
4.3
CVSSv3
CVE-2019-6789
An issue exists in GitLab Community and Enterprise Edition prior to 11.5.8, 11.6.x prior to 11.6.6, and 11.7.x prior to 11.7.1. It allows Information Disclosure (issue 4 of 6). In some cases, users without project permissions will receive emails after a project move. For private ...
Gitlab Gitlab
6.5
CVSSv3
CVE-2019-6791
An issue exists in GitLab Community and Enterprise Edition prior to 11.5.8, 11.6.x prior to 11.6.6, and 11.7.x prior to 11.7.1. It has Incorrect Access Control (issue 3 of 3). When a project with visibility more permissive than the target group is imported, it will retain its pri...
Gitlab Gitlab
5.3
CVSSv3
CVE-2019-6792
An issue exists in GitLab Community and Enterprise Edition prior to 11.5.8, 11.6.x prior to 11.6.6, and 11.7.x prior to 11.7.1. It allows Path Disclosure. When an error is encountered on project import, the error message will display instance internal information.
Gitlab Gitlab
4.3
CVSSv3
CVE-2019-6794
An issue exists in GitLab Community and Enterprise Edition prior to 11.5.8, 11.6.x prior to 11.6.6, and 11.7.x prior to 11.7.1. It allows Information Disclosure (issue 5 of 6). A project guest user can view the last commit status of the default branch.
Gitlab Gitlab
6.1
CVSSv3
CVE-2019-6796
An issue exists in GitLab Community and Enterprise Edition prior to 11.5.8, 11.6.x prior to 11.6.6, and 11.7.x prior to 11.7.1. It allows XSS (issue 2 of 2). The user status field contains a lack of input validation and output encoding that results in a persistent XSS.
Gitlab Gitlab
9.8
CVSSv3
CVE-2019-6960
An issue exists in GitLab Community and Enterprise Edition 9.x, 10.x, and 11.x prior to 11.5.8, 11.6.x prior to 11.6.6, and 11.7.x prior to 11.7.1. It has Incorrect Access Control. Access to the internal wiki is permitted when an external wiki service is enabled.
Gitlab Gitlab
4.3
CVSSv3
CVE-2019-6997
An issue exists in GitLab Community and Enterprise Edition 10.x (starting in 10.7) and 11.x prior to 11.5.8, 11.6.x prior to 11.6.6, and 11.7.x prior to 11.7.1. It has Incorrect Access Control. System notes contain an access control issue that permits a guest user to view merge r...
Gitlab Gitlab
6.5
CVSSv3
CVE-2019-6995
An issue exists in GitLab Community and Enterprise Edition 8.x, 9.x, 10.x, and 11.x prior to 11.5.8, 11.6.x prior to 11.6.6, and 11.7.x prior to 11.7.1. It has Incorrect Access Control. Users are able to comment on locked project issues.
Gitlab Gitlab
7.5
CVSSv3
CVE-2019-6788
An issue exists in GitLab Community and Enterprise Edition prior to 11.5.8, 11.6.x prior to 11.6.6, and 11.7.x prior to 11.7.1. It allows Information Disclosure (issue 3 of 6). For installations using GitHub or Bitbucket OAuth integrations, it is possible to use a covert redirect...
Gitlab Gitlab
2 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
firewall
open redirect
CVE-2024-3946
LFI
CVE-2024-25977
CVE-2024-36368
CVE-2024-23109
CVE-2024-23580
CVE-2024-23108
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2