Gitlab Ce/Ee
Approved changes feed: RSS · Atom
cpe:2.3:a:n/a:gitlab_ce/ee:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | N/A (22f567d3-1203-528c-8f0e-3eb9c2f6ca78) |
|---|---|
| Product | Gitlab Ce/Ee (4a492b10-74f9-5949-96c5-66afb5a8f780) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2019-5486 |
vulnerable | 2026-06-08 05:13:59.330353 |
Details available
A authentication bypass vulnerability exists in GitLab CE/EE <v12.3.2, <v12.2.6, and <v12.1.10 in the Salesforce login integration that could be used by an attacker to create an account that bypassed domain restrictions and email verification requirements.
Published: 2019-12-18T20:58:42.000Z
Updated: 2024-08-04T19:54:53.485Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-5467 |
vulnerable | 2026-06-08 05:13:59.233874 |
Details available
An input validation and output encoding issue was discovered in the GitLab CE/EE wiki pages feature which could result in a persistent XSS. This vulnerability was addressed in 12.1.2, 12.0.4, and 11.11.6.
Published: 2019-09-09T17:45:19.000Z
Updated: 2024-08-04T19:54:53.501Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-5466 |
vulnerable | 2026-06-08 05:13:59.233501 |
Details available
An IDOR was discovered in GitLab CE/EE 11.5 and later that allowed new merge requests endpoint to disclose label names.
Published: 2020-01-28T02:39:28.000Z
Updated: 2024-08-04T19:54:53.587Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-5463 |
vulnerable | 2026-06-08 05:13:59.231287 |
Details available
An authorization issue was discovered in the GitLab CE/EE CI badge images endpoint which could result in disclosure of the build status. This vulnerability was addressed in 12.1.2, 12.0.4, and 11.11.6.
Published: 2019-09-09T17:44:00.000Z
Updated: 2024-08-04T19:54:53.488Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-15589 |
vulnerable | 2026-06-08 05:12:57.637857 |
Details available
An improper access control vulnerability exists in Gitlab <v12.3.2, <v12.2.6, <v12.1.12 which would allow a blocked user would be able to use GIT clone and pull if he had obtained a CI/CD token before.
Published: 2019-12-18T21:00:39.000Z
Updated: 2024-08-05T00:49:13.715Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-15584 |
vulnerable | 2026-06-08 05:12:57.624404 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-15577 |
vulnerable | 2026-06-08 05:12:57.617734 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-15576 |
vulnerable | 2026-06-08 05:12:57.617368 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-15575 |
vulnerable | 2026-06-08 05:12:57.616904 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.