Information on source package gitlab

Available versions

ReleaseVersion
sid12.6.8-3

Open issues

BugsidDescription
CVE-2020-10956vulnerableGitLab 8.10 and later through 12.9 is vulnerable to an SSRF in a proje ...
CVE-2020-10955vulnerableGitLab EE/CE 11.1 through 12.9 is vulnerable to parameter tampering on ...
CVE-2020-10954vulnerableGitLab through 12.9 is affected by a potential DoS in repository archi ...
CVE-2020-10952vulnerableGitLab EE/CE 8.11 through 12.9.1 allows blocked users to pull/push doc ...

Resolved issues

BugDescription
TEMP-0902726-51ACFEgitlab: Content injection via username
TEMP-0902726-3BBE24gitlab: Activity feed publicly displaying internal project names
TEMP-0900522-A18AAEgitlab: include directive in .gitlab-ci.yml allows SSRF requests
TEMP-0900522-7DE480gitlab: Arbitrary assignment of project fields using Import project
TEMP-0900522-4405E2gitlab: Removing public deploy keys regression
TEMP-0900522-3AD97Cgitlab: Permissions issue in Merge Requests Create Service
TEMP-0900522-298D01gitlab: Persistent XSS - Multiple locations of user selection drop downs
TEMP-0900522-27F98Dgitlab: Persistent XSS - Selecting users as allowed merge request approvers
TEMP-0894867-E5064BConfidential issue comments in Slack, Mattermost, and webhook integrations
TEMP-0000000-DE2DCDgitlab: Missing CSRF in System Hooks
TEMP-0000000-077068gitlab: Persistent XSS in Pipeline Tooltip
CVE-2020-8795In GitLab Enterprise Edition (EE) 12.5.0 through 12.7.5, sharing a gro ...
CVE-2020-8114GitLab EE 8.9 and later through 12.7.2 has Insecure Permission ...
CVE-2020-8113GitLab 10.7 and later through 12.7.2 has Incorrect Access Control. ...
CVE-2020-7979GitLab EE 8.9 and later through 12.7.2 has Insecure Permission ...
CVE-2020-7978GitLab EE 12.6 and later through 12.7.2 allows Denial of Service. ...
CVE-2020-7977GitLab EE 8.8 and later through 12.7.2 has Insecure Permissions. ...
CVE-2020-7976GitLab EE 12.4 and later through 12.7.2 has Incorrect Access Control. ...
CVE-2020-7974GitLab EE 10.1 through 12.7.2 allows Information Disclosure. ...
CVE-2020-7973GitLab through 12.7.2 allows XSS. ...
CVE-2020-7972GitLab EE 12.2 has Insecure Permissions (issue 2 of 2). ...
CVE-2020-7971GitLab EE 11.0 and later through 12.7.2 allows XSS. ...
CVE-2020-7969GitLab EE 8.0 and later through 12.7.2 allows Information Disclosure. ...
CVE-2020-7968GitLab EE 8.0 through 12.7.2 has Incorrect Access Control. ...
CVE-2020-7967GitLab EE 8.0 through 12.7.2 has Insecure Permissions (issue 1 of 2). ...
CVE-2020-7966GitLab EE 11.11 and later through 12.7.2 allows Directory Traversal. ...
CVE-2020-6833An issue was discovered in GitLab EE 11.3 and later. A GitLab Workhors ...
CVE-2020-6832An issue was discovered in GitLab Enterprise Edition (EE) 8.9.0 throug ...
CVE-2020-5197An issue was discovered in GitLab Community Edition (CE) and Enterpris ...
CVE-2020-10953In GitLab EE 11.7 through 12.9, the NPM feature is vulnerable to a pat ...
CVE-2020-10535GitLab 12.8.x before 12.8.6, when sign-up is enabled, allows remote at ...
CVE-2020-10092GitLab 12.1 through 12.8.1 allows XSS. A cross-site scripting vulnerab ...
CVE-2020-10091GitLab 9.3 through 12.8.1 allows XSS. A cross-site scripting vulnerabi ...
CVE-2020-10090GitLab 11.7 through 12.8.1 allows Information Disclosure. Under certai ...
CVE-2020-10089GitLab 8.11 through 12.8.1 allows a Denial of Service when using sever ...
CVE-2020-10088GitLab 12.5 through 12.8.1 has Insecure Permissions. Depending on part ...
CVE-2020-10087GitLab before 12.8.2 allows Information Disclosure. Badge images were ...
CVE-2020-10086GitLab 10.4 through 12.8.1 allows Directory Traversal. A particular en ...
CVE-2020-10085GitLab 12.3.5 through 12.8.1 allows Information Disclosure. A particul ...
CVE-2020-10084GitLab EE 11.6 through 12.8.1 allows Information Disclosure. Sending a ...
CVE-2020-10083GitLab 12.7 through 12.8.1 has Insecure Permissions. Under certain con ...
CVE-2020-10082GitLab 12.2 through 12.8.1 allows Denial of Service. A denial of servi ...
CVE-2020-10081GitLab before 12.8.2 has Incorrect Access Control. It was internally d ...
CVE-2020-10080GitLab 8.3 through 12.8.1 allows Information Disclosure. It was possib ...
CVE-2020-10079GitLab 7.10 through 12.8.1 has Incorrect Access Control. Under certain ...
CVE-2020-10078GitLab 12.1 through 12.8.1 allows XSS. The merge request submission fo ...
CVE-2020-10077GitLab EE 3.0 through 12.8.1 allows SSRF. An internal investigation re ...
CVE-2020-10076GitLab 12.1 through 12.8.1 allows XSS. A stored cross-site scripting v ...
CVE-2020-10075GitLab 12.5 through 12.8.1 allows HTML Injection. A particular error h ...
CVE-2020-10074GitLab 10.1 through 12.8.1 has Incorrect Access Control. A scenario wa ...
CVE-2020-10073GitLab EE 12.4.2 through 12.8.1 allows Denial of Service. It was inter ...
CVE-2019-9890An issue was discovered in GitLab Community and Enterprise Edition 10. ...
CVE-2019-9866An issue was discovered in GitLab Community and Enterprise Edition 11. ...
CVE-2019-9756An issue was discovered in GitLab Community and Enterprise Edition 10. ...
CVE-2019-9732An issue was discovered in GitLab Community and Enterprise Edition 10. ...
CVE-2019-9485An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2019-9225An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2019-9224An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2019-9223An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2019-9222An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2019-9221An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2019-9220An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2019-9219An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2019-9218An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2019-9217An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2019-9179An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2019-9178An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2019-9176An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2019-9175An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2019-9174An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2019-9172An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2019-9171An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2019-9170An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2019-7549An issue was discovered in GitLab Community and Enterprise Edition 10. ...
CVE-2019-7353An Incorrect Access Control issue was discovered in GitLab Community a ...
CVE-2019-7176An issue was discovered in GitLab Community and Enterprise Edition 8.x ...
CVE-2019-7155An issue was discovered in GitLab Community and Enterprise Edition 9.x ...
CVE-2019-6997An issue was discovered in GitLab Community and Enterprise Edition 10. ...
CVE-2019-6996An issue was discovered in GitLab Enterprise Edition 10.x (starting in ...
CVE-2019-6995An issue was discovered in GitLab Community and Enterprise Edition 8.x ...
CVE-2019-6960An issue was discovered in GitLab Community and Enterprise Edition 9.x ...
CVE-2019-6797An information disclosure issue was discovered in GitLab Enterprise Ed ...
CVE-2019-6796An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2019-6795An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2019-6794An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2019-6793An issue was discovered in GitLab Enterprise Edition before 11.5.8, 11 ...
CVE-2019-6792An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2019-6791An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2019-6790An Incorrect Access Control (issue 2 of 3) issue was discovered in Git ...
CVE-2019-6789An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2019-6788An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2019-6787An Incorrect Access Control issue was discovered in GitLab Community a ...
CVE-2019-6786An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2019-6785An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2019-6784An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2019-6783An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2019-6782An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2019-6781An Improper Input Validation issue was discovered in GitLab Community ...
CVE-2019-6240An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2019-5883An Incorrect Access Control issue was discovered in GitLab Community a ...
CVE-2019-5487An improper access control vulnerability exists in Gitlab EE <v12.3 ...
CVE-2019-5486A authentication bypass vulnerability exists in GitLab CE/EE <v12.3 ...
CVE-2019-5474An authorization issue was discovered in GitLab EE < 12.1.2, < 1 ...
CVE-2019-5473An authentication issue was discovered in GitLab that allowed a bypass ...
CVE-2019-5472An authorization issue was discovered in Gitlab versions < 12.1.2, ...
CVE-2019-5471An input validation and output encoding issue was discovered in the Gi ...
CVE-2019-5470An information disclosure issue was discovered GitLab versions < 12 ...
CVE-2019-5469An IDOR vulnerability exists in GitLab <v12.1.2, <v12.0.4, and & ...
CVE-2019-5468An privilege escalation issue was discovered in Gitlab versions < 1 ...
CVE-2019-5467An input validation and output encoding issue was discovered in the Gi ...
CVE-2019-5466An IDOR was discovered in GitLab CE/EE 11.5 and later that allowed new ...
CVE-2019-5465An information disclosure issue was discovered in GitLab CE/EE 8.14 an ...
CVE-2019-5464A flawed DNS rebinding protection issue was discovered in GitLab CE/EE ...
CVE-2019-5463An authorization issue was discovered in the GitLab CE/EE CI badge ima ...
CVE-2019-5462A privilege escalation issue was discovered in GitLab CE/EE 9.0 and la ...
CVE-2019-5461An input validation problem was discovered in the GitHub service integ ...
CVE-2019-20148An issue was discovered in GitLab Community Edition (CE) and Enterpris ...
CVE-2019-20147An issue was discovered in GitLab Community Edition (CE) and Enterpris ...
CVE-2019-20146An issue was discovered in GitLab Community Edition (CE) and Enterpris ...
CVE-2019-20145An issue was discovered in GitLab Community Edition (CE) and Enterpris ...
CVE-2019-20144An issue was discovered in GitLab Community Edition (CE) and Enterpris ...
CVE-2019-20143An issue was discovered in GitLab Community Edition (CE) and Enterpris ...
CVE-2019-20142An issue was discovered in GitLab Community Edition (CE) and Enterpris ...
CVE-2019-19629In GitLab EE 10.5 through 12.5.3, 12.4.5, and 12.3.8, when transferrin ...
CVE-2019-19628In GitLab EE 11.3 through 12.5.3, 12.4.5, and 12.3.8, insufficient par ...
CVE-2019-19314GitLab EE 8.4 through 12.5, 12.4.3, and 12.3.6 stored several tokens i ...
CVE-2019-19313GitLab EE 12.3 through 12.5, 12.4.3, and 12.3.6 allows Denial of Servi ...
CVE-2019-19312GitLab EE 8.14 through 12.5, 12.4.3, and 12.3.6 has Incorrect Access C ...
CVE-2019-19311GitLab EE 8.14 through 12.5, 12.4.3, and 12.3.6 allows XSS in group an ...
CVE-2019-19310GitLab Enterprise Edition (EE) 9.0 and later through 12.5 allows Infor ...
CVE-2019-19309GitLab Enterprise Edition (EE) 8.90 and later through 12.5 has Incorre ...
CVE-2019-19263GitLab Enterprise Edition (EE) 8.2 and later through 12.5 has Insecure ...
CVE-2019-19262GitLab Enterprise Edition (EE) 11.9 and later through 12.5 has Insecur ...
CVE-2019-19261GitLab Enterprise Edition (EE) 6.7 and later through 12.5 allows SSRF. ...
CVE-2019-19260GitLab Community Edition (CE) and Enterprise Edition (EE) through 12.5 ...
CVE-2019-19259GitLab Enterprise Edition (EE) 11.3 and later through 12.5 allows an I ...
CVE-2019-19258GitLab Enterprise Edition (EE) 10.8 and later through 12.5 has Incorre ...
CVE-2019-19257GitLab Community Edition (CE) and Enterprise Edition (EE) through 12.5 ...
CVE-2019-19256GitLab Enterprise Edition (EE) 12.2 and later through 12.5 has Incorre ...
CVE-2019-19255GitLab Enterprise Edition (EE) 12.3 and later through 12.5 has Incorre ...
CVE-2019-19254GitLab Community Edition (CE) and Enterprise Edition (EE). 9.6 and lat ...
CVE-2019-19088Gitlab Enterprise Edition (EE) 11.3 through 12.4.2 allows Directory Tr ...
CVE-2019-19087Gitlab Enterprise Edition (EE) before 12.5.1 has Insecure Permissions ...
CVE-2019-19086Gitlab Enterprise Edition (EE) before 12.5.1 has Insecure Permissions ...
CVE-2019-18463An issue was discovered in GitLab Community and Enterprise Edition thr ...
CVE-2019-18462An issue was discovered in GitLab Community and Enterprise Edition 11. ...
CVE-2019-18461An issue was discovered in GitLab Community and Enterprise Edition 11. ...
CVE-2019-18460An issue was discovered in GitLab Community and Enterprise Edition 8.1 ...
CVE-2019-18459An issue was discovered in GitLab Community and Enterprise Edition 11. ...
CVE-2019-18458An issue was discovered in GitLab Community and Enterprise Edition thr ...
CVE-2019-18457An issue was discovered in GitLab Community and Enterprise Edition 11. ...
CVE-2019-18456An issue was discovered in GitLab Community and Enterprise Edition 8.1 ...
CVE-2019-18455An issue was discovered in GitLab Community and Enterprise Edition 11 ...
CVE-2019-18454An issue was discovered in GitLab Community and Enterprise Edition 10. ...
CVE-2019-18453An issue was discovered in GitLab Community and Enterprise Edition 11. ...
CVE-2019-18452An issue was discovered in GitLab Community and Enterprise Edition 11. ...
CVE-2019-18451An issue was discovered in GitLab Community and Enterprise Edition 10. ...
CVE-2019-18450An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2019-18449An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2019-18448An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2019-18447An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2019-18446An issue was discovered in GitLab Community and Enterprise Edition 8.1 ...
CVE-2019-16170An issue was discovered in GitLab Enterprise Edition 11.x and 12.x bef ...
CVE-2019-15740An issue was discovered in GitLab Community and Enterprise Edition 7.9 ...
CVE-2019-15739An issue was discovered in GitLab Community and Enterprise Edition 8.1 ...
CVE-2019-15738An issue was discovered in GitLab Community and Enterprise Edition 12. ...
CVE-2019-15737An issue was discovered in GitLab Community and Enterprise Edition thr ...
CVE-2019-15736An issue was discovered in GitLab Community and Enterprise Edition thr ...
CVE-2019-15734An issue was discovered in GitLab Community and Enterprise Edition 8.6 ...
CVE-2019-15733An issue was discovered in GitLab Community and Enterprise Edition 7.1 ...
CVE-2019-15732An issue was discovered in GitLab Community and Enterprise Edition 12. ...
CVE-2019-15731An issue was discovered in GitLab Community and Enterprise Edition 12. ...
CVE-2019-15730An issue was discovered in GitLab Community and Enterprise Edition 8.1 ...
CVE-2019-15729An issue was discovered in GitLab Community and Enterprise Edition 8.1 ...
CVE-2019-15728An issue was discovered in GitLab Community and Enterprise Edition 10. ...
CVE-2019-15727An issue was discovered in GitLab Community and Enterprise Edition 11. ...
CVE-2019-15726An issue was discovered in GitLab Community and Enterprise Edition thr ...
CVE-2019-15725An issue was discovered in GitLab Community and Enterprise Edition 12. ...
CVE-2019-15724An issue was discovered in GitLab Community and Enterprise Edition 11. ...
CVE-2019-15723An issue was discovered in GitLab Community and Enterprise Edition 11. ...
CVE-2019-15722An issue was discovered in GitLab Community and Enterprise Edition 8.1 ...
CVE-2019-15721An issue was discovered in GitLab Community and Enterprise Edition 10. ...
CVE-2019-15594GitLab 11.8 and later contains a security vulnerability that allows a ...
CVE-2019-15593GitLab 12.2.3 contains a security vulnerability that allows a user to ...
CVE-2019-15592GitLab 12.2.2 and below contains a security vulnerability that allows ...
CVE-2019-15591An improper access control vulnerability exists in GitLab <12.3.3 t ...
CVE-2019-15590An access control issue exists in < 12.3.5, < 12.2.8, and < 1 ...
CVE-2019-15589An improper access control vulnerability exists in Gitlab <v12.3.2, ...
CVE-2019-15586A XSS exists in Gitlab CE/EE < 12.1.10 in the Mermaid plugin. ...
CVE-2019-15585Improper authentication exists in < 12.3.2, < 12.2.6, and < 1 ...
CVE-2019-15584A denial of service exists in gitlab <v12.3.2, <v12.2.6, and &lt ...
CVE-2019-15583An information disclosure exists in < 12.3.2, < 12.2.6, and < ...
CVE-2019-15582An IDOR was discovered in < 12.3.2, < 12.2.6, and < 12.1.12 f ...
CVE-2019-15581An IDOR exists in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLa ...
CVE-2019-15580An information exposure vulnerability exists in gitlab.com <v12.3.2 ...
CVE-2019-15579An information disclosure exists in < 12.3.2, < 12.2.6, and < ...
CVE-2019-15578An information disclosure exists in < 12.3.2, < 12.2.6, and < ...
CVE-2019-15577An information disclosure vulnerability exists in GitLab CE/EE <v12 ...
CVE-2019-15576An information disclosure vulnerability exists in GitLab CE/EE <v12 ...
CVE-2019-15575A command injection exists in GitLab CE/EE <v12.3.2, <v12.2.6, a ...
CVE-2019-14944Multiple Command-Line Flag Injection Vulnerabilities
CVE-2019-14943An issue was discovered in GitLab Community and Enterprise Edition 12. ...
CVE-2019-14942Insecure Cookie Handling on GitLab Pages
CVE-2019-13121An issue was discovered in GitLab Enterprise Edition 10.6 through 12.0 ...
CVE-2019-13011An issue was discovered in GitLab Enterprise Edition 8.11.0 through 12 ...
CVE-2019-13010An issue was discovered in GitLab Enterprise Edition 8.3 through 12.0. ...
CVE-2019-13009An issue was discovered in GitLab Community and Enterprise Edition 9.2 ...
CVE-2019-13007An issue was discovered in GitLab Community and Enterprise Edition 11. ...
CVE-2019-13006An issue was discovered in GitLab Community and Enterprise Edition 9.0 ...
CVE-2019-13005An issue was discovered in GitLab Enterprise Edition and Community Edi ...
CVE-2019-13004An issue was discovered in GitLab Community and Enterprise Edition 11. ...
CVE-2019-13003An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2019-13002An issue was discovered in GitLab Community and Enterprise Edition 11. ...
CVE-2019-13001An issue was discovered in GitLab Community and Enterprise Edition 11. ...
CVE-2019-12825Unauthorized Access to the Container Registry of other groups was disc ...
CVE-2019-12446An issue was discovered in GitLab Community and Enterprise Edition 8.3 ...
CVE-2019-12445An issue was discovered in GitLab Community and Enterprise Edition 8.4 ...
CVE-2019-12444An issue was discovered in GitLab Community and Enterprise Edition 8.9 ...
CVE-2019-12443An issue was discovered in GitLab Community and Enterprise Edition 10. ...
CVE-2019-12442An issue was discovered in GitLab Enterprise Edition 11.7 through 11.1 ...
CVE-2019-12441An issue was discovered in GitLab Community and Enterprise Edition 8.4 ...
CVE-2019-12434An issue was discovered in GitLab Community and Enterprise Edition 10. ...
CVE-2019-12433An issue was discovered in GitLab Community and Enterprise Edition 11. ...
CVE-2019-12432An issue was discovered in GitLab Community and Enterprise Edition 8.1 ...
CVE-2019-12431An issue was discovered in GitLab Community and Enterprise Edition 8.1 ...
CVE-2019-12430An issue was discovered in GitLab Community and Enterprise Edition 11. ...
CVE-2019-12429An issue was discovered in GitLab Community and Enterprise Edition 11. ...
CVE-2019-12428An issue was discovered in GitLab Community and Enterprise Edition 6.8 ...
CVE-2019-11605An issue was discovered in GitLab Community and Enterprise Edition 11. ...
CVE-2019-11549An issue was discovered in GitLab Community and Enterprise Edition 9.x ...
CVE-2019-11548An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2019-11547An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2019-11546An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2019-11545An issue was discovered in GitLab Community Edition 11.9.x before 11.9 ...
CVE-2019-11544An issue was discovered in GitLab Community and Enterprise Edition 8.x ...
CVE-2019-11000An issue was discovered in GitLab Enterprise Edition before 11.7.11, 1 ...
CVE-2019-10640An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2019-10117An Open Redirect issue was discovered in GitLab Community and Enterpri ...
CVE-2019-10116An Insecure Permissions issue (issue 3 of 3) was discovered in GitLab ...
CVE-2019-10115An Insecure Permissions issue (issue 2 of 3) was discovered in GitLab ...
CVE-2019-10114An Information Exposure issue (issue 2 of 2) was discovered in GitLab ...
CVE-2019-10113An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2019-10112An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2019-10111An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2019-10110An Insecure Permissions issue (issue 1 of 3) was discovered in GitLab ...
CVE-2019-10109An Information Exposure issue (issue 1 of 2) was discovered in GitLab ...
CVE-2019-10108An Incorrect Access Control (issue 1 of 2) was discovered in GitLab Co ...
CVE-2018-9244GitLab Community and Enterprise Editions version 9.2 up to 10.4 are vu ...
CVE-2018-9243GitLab Community and Enterprise Editions version 8.4 up to 10.4 are vu ...
CVE-2018-8971The Auth0 integration in GitLab before 10.3.9, 10.4.x before 10.4.6, a ...
CVE-2018-8801GitLab Community and Enterprise Editions version 8.3 up to 10.x before ...
CVE-2018-5158The PDF viewer does not sufficiently sanitize PostScript calculator fu ...
CVE-2018-3710Gitlab Community and Enterprise Editions version 10.3.3 is vulnerable ...
CVE-2018-20507An issue was discovered in GitLab Enterprise Edition 11.2.x through 11 ...
CVE-2018-20501An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2018-20500An insecure permissions issue was discovered in GitLab Community and E ...
CVE-2018-20499An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2018-20498An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2018-20497An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2018-20496An issue was discovered in GitLab Community and Enterprise Edition 11. ...
CVE-2018-20495An issue was discovered in GitLab Community and Enterprise Edition 11. ...
CVE-2018-20494An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2018-20493An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2018-20492An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2018-20491An issue was discovered in GitLab Enterprise Edition 11.3.x and 11.4.x ...
CVE-2018-20490An issue was discovered in GitLab Community and Enterprise Edition 11. ...
CVE-2018-20489An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2018-20488An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2018-20229GitLab Community and Enterprise Edition before 11.3.14, 11.4.x before ...
CVE-2018-20144GitLab Community and Enterprise Edition 11.x before 11.3.13, 11.4.x be ...
CVE-2018-19856GitLab CE/EE before 11.3.12, 11.4.x before 11.4.10, and 11.5.x before ...
CVE-2018-19585GitLab CE/EE versions 8.18 up to 11.x before 11.3.11, 11.4.x before 11 ...
CVE-2018-19584GitLab EE, versions 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 ...
CVE-2018-19583GitLab CE/EE, versions 8.0 up to 11.x before 11.3.11, 11.4 before 11.4 ...
CVE-2018-19582GitLab EE, versions 11.4 before 11.4.8 and 11.5 before 11.5.1, is affe ...
CVE-2018-19581GitLab EE, versions 8.3 up to 11.x before 11.3.11, 11.4 before 11.4.8, ...
CVE-2018-19580All versions of GitLab prior to 11.5.1, 11.4.8, and 11.3.11 do not sen ...
CVE-2018-19579GitLab EE version 11.5 is vulnerable to a persistent XSS vulnerability ...
CVE-2018-19578GitLab EE, version 11.5 before 11.5.1, is vulnerable to an insecure ob ...
CVE-2018-19577Gitlab CE/EE, versions 8.6 up to 11.x before 11.3.11, 11.4 before 11.4 ...
CVE-2018-19576GitLab CE/EE, versions 8.6 up to 11.x before 11.3.11, 11.4 before 11.4 ...
CVE-2018-19575GitLab CE/EE, versions 10.1 up to 11.x before 11.3.11, 11.4 before 11. ...
CVE-2018-19574GitLab CE/EE, versions 7.6 up to 11.x before 11.3.11, 11.4 before 11.4 ...
CVE-2018-19573GitLab CE/EE, versions 10.3 up to 11.x before 11.3.11, 11.4 before 11. ...
CVE-2018-19572GitLab CE 8.17 and later and EE 8.3 and later have a symlink time-of-c ...
CVE-2018-19571GitLab CE/EE, versions 8.18 up to 11.x before 11.3.11, 11.4 before 11. ...
CVE-2018-19570GitLab CE/EE, versions 11.3 before 11.3.11, 11.4 before 11.4.8, and 11 ...
CVE-2018-19569GitLab CE/EE, versions 8.8 up to 11.x before 11.3.11, 11.4 before 11.4 ...
CVE-2018-19496An issue was discovered in GitLab Community and Enterprise Edition 10. ...
CVE-2018-19495An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2018-19494An issue was discovered in GitLab Community and Enterprise Edition 11. ...
CVE-2018-19493An issue was discovered in GitLab Community and Enterprise Edition 11. ...
CVE-2018-19359GitLab Community and Enterprise Edition 8.9 and later and before 11.5. ...
CVE-2018-18843The Kubernetes integration in GitLab Enterprise Edition 11.x before 11 ...
CVE-2018-18649An issue was discovered in the wiki API in GitLab Community and Enterp ...
CVE-2018-18648An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2018-18647An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2018-18646An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2018-18645An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2018-18644An issue was discovered in GitLab Community and Enterprise Edition 11. ...
CVE-2018-18643GitLab CE & EE 11.2 and later and before 11.5.0-rc12, 11.4.6, and ...
CVE-2018-18642An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2018-18641An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2018-18640An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2018-17976An issue was discovered in GitLab Community Edition 11.x before 11.1.8 ...
CVE-2018-17975An issue was discovered in GitLab Community Edition 11.x before 11.1.8 ...
CVE-2018-17939An issue was discovered in GitLab Community and Enterprise Edition 11. ...
CVE-2018-17537Persistent XSS package.json
CVE-2018-17536Persistent XSS merge request project import
CVE-2018-17455IDOR merge request approvals
CVE-2018-17454Persistent XSS on issue details
CVE-2018-17453GRPC::Unknown logging token disclosure
CVE-2018-17452validate_localhost function in url_blocker.rb could be bypassed
CVE-2018-17451Slack integration CSRF Oauth2
CVE-2018-17450SSRF GCP access token disclosure
CVE-2018-17449Confidential information disclosure in events API endpoint
CVE-2018-16051An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2018-16050An issue was discovered in GitLab Community and Enterprise Edition 11. ...
CVE-2018-16049An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2018-16048An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2018-15472Diff formatter DoS in Sidekiq jobs
CVE-2018-14606An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2018-14605An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2018-14604An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2018-14603An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2018-14602An issue was discovered in GitLab Community and Enterprise Edition bef ...
CVE-2018-14601An issue was discovered in GitLab Community and Enterprise Edition 11. ...
CVE-2018-14364GitLab Community and Enterprise Edition before 10.7.7, 10.8.x before 1 ...
CVE-2018-12607An issue was discovered in GitLab Community Edition and Enterprise Edi ...
CVE-2018-12606An issue was discovered in GitLab Community Edition and Enterprise Edi ...
CVE-2018-12605An issue was discovered in GitLab Community Edition and Enterprise Edi ...
CVE-2018-10379An issue was discovered in GitLab Community Edition (CE) and Enterpris ...
CVE-2017-8778GitLab before 8.14.9, 8.15.x before 8.15.6, and 8.16.x before 8.16.5 h ...
CVE-2017-17716GitLab 9.4.x before 9.4.2 does not support LDAP SSL certificate verifi ...
CVE-2017-12426GitLab Community Edition (CE) and Enterprise Edition (EE) before 8.17. ...
CVE-2017-11438GitLab Community Edition (CE) and Enterprise Edition (EE) before 9.0.1 ...
CVE-2017-11437GitLab Enterprise Edition (EE) before 8.17.7, 9.0.11, 9.1.8, 9.2.8, an ...
CVE-2017-0927Gitlab Community Edition version 10.3 is vulnerable to an improper aut ...
CVE-2017-0926Gitlab Community Edition version 10.3 is vulnerable to an improper aut ...
CVE-2017-0925Gitlab Enterprise Edition version 10.1.0 is vulnerable to an insuffici ...
CVE-2017-0924Gitlab Community Edition version 10.2.4 is vulnerable to lack of input ...
CVE-2017-0923Gitlab Community Edition version 9.1 is vulnerable to lack of input va ...
CVE-2017-0922Gitlab Enterprise Edition version 10.3 is vulnerable to an authorizati ...
CVE-2017-0921GitLab Community and Enterprise Editions before 10.1.6, 10.2.6, and 10 ...
CVE-2017-0920GitLab Community and Enterprise Editions before 10.1.6, 10.2.6, and 10 ...
CVE-2017-0919GitLab Community and Enterprise Editions before 10.1.6, 10.2.6, and 10 ...
CVE-2017-0918Gitlab Community Edition version 10.3 is vulnerable to a path traversa ...
CVE-2017-0917Gitlab Community Edition version 10.2.4 is vulnerable to lack of input ...
CVE-2017-0916Gitlab Community Edition version 10.3 is vulnerable to a lack of input ...
CVE-2017-0915Gitlab Community Edition version 10.2.4 is vulnerable to a lack of inp ...
CVE-2017-0914Gitlab Community and Enterprise Editions version 10.1, 10.2, and 10.2. ...
CVE-2017-0882Multiple versions of GitLab expose sensitive user credentials when ass ...
CVE-2016-9469Multiple versions of GitLab expose a dangerous method to any authentic ...
CVE-2016-9086GitLab versions 8.9.x and above contain a critical security flaw in th ...
CVE-2016-4340The impersonate feature in Gitlab 8.7.0, 8.6.0 through 8.6.7, 8.5.0 th ...
CVE-2014-8540The groups API in GitLab 6.x and 7.x before 7.4.3 allows remote authen ...
CVE-2013-7316Cross-site scripting (XSS) vulnerability in GitLab 6.0 and other versi ...
CVE-2013-4583The parse_cmd function in lib/gitlab_shell.rb in GitLab 5.0 before 5.4 ...
CVE-2013-4582The (1) create_branch, (2) create_tag, (3) import_project, and (4) for ...
CVE-2013-4581GitLab 5.0 before 5.4.2, Community Edition before 6.2.4, Enterprise Ed ...
CVE-2013-4580GitLab before 5.4.2, Community Edition before 6.2.4, and Enterprise Ed ...
CVE-2013-4546The repository import feature in gitlab-shell before 1.7.4, as used in ...
CVE-2013-4490The SSH key upload feature (lib/gitlab_keys.rb) in gitlab-shell before ...
CVE-2013-4489The Grit gem for Ruby, as used in GitLab 5.2 before 5.4.1 and 6.x befo ...

Security announcements

DSA / DLADescription
DSA-4206-2gitlab - regression update
DSA-4206-1gitlab - security update
DSA-4145-1gitlab - security update

Search for package or bug name: Reporting problems