Approved changes feed: RSS · Atom

cpe:2.3:a:n/a:gitlab_ce/ee:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorN/A (22f567d3-1203-528c-8f0e-3eb9c2f6ca78)
ProductGitlab Ce/Ee (4a492b10-74f9-5949-96c5-66afb5a8f780)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2019-5486 vulnerable 2026-06-08 05:13:59.330353 Details available
A authentication bypass vulnerability exists in GitLab CE/EE <v12.3.2, <v12.2.6, and <v12.1.10 in the Salesforce login integration that could be used by an attacker to create an account that bypassed domain restrictions and email verification requirements.
Published: 2019-12-18T20:58:42.000Z
Updated: 2024-08-04T19:54:53.485Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2019-5467 vulnerable 2026-06-08 05:13:59.233874 Details available
An input validation and output encoding issue was discovered in the GitLab CE/EE wiki pages feature which could result in a persistent XSS. This vulnerability was addressed in 12.1.2, 12.0.4, and 11.11.6.
Published: 2019-09-09T17:45:19.000Z
Updated: 2024-08-04T19:54:53.501Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2019-5466 vulnerable 2026-06-08 05:13:59.233501 Details available
An IDOR was discovered in GitLab CE/EE 11.5 and later that allowed new merge requests endpoint to disclose label names.
Published: 2020-01-28T02:39:28.000Z
Updated: 2024-08-04T19:54:53.587Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2019-5463 vulnerable 2026-06-08 05:13:59.231287 Details available
An authorization issue was discovered in the GitLab CE/EE CI badge images endpoint which could result in disclosure of the build status. This vulnerability was addressed in 12.1.2, 12.0.4, and 11.11.6.
Published: 2019-09-09T17:44:00.000Z
Updated: 2024-08-04T19:54:53.488Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2019-15589 vulnerable 2026-06-08 05:12:57.637857 Details available
An improper access control vulnerability exists in Gitlab <v12.3.2, <v12.2.6, <v12.1.12 which would allow a blocked user would be able to use GIT clone and pull if he had obtained a CI/CD token before.
Published: 2019-12-18T21:00:39.000Z
Updated: 2024-08-05T00:49:13.715Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2019-15584 vulnerable 2026-06-08 05:12:57.624404 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2019-15577 vulnerable 2026-06-08 05:12:57.617734 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2019-15576 vulnerable 2026-06-08 05:12:57.617368 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2019-15575 vulnerable 2026-06-08 05:12:57.616904 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.