General-Purpose System Vulnerabilities
Vulnerabilities related to traditional IT systems, servers, and desktop applications.
| CVE ID | Description | Severity | Published | Type |
|---|---|---|---|---|
| CVE-2019-19311 | GitLab EE 8.14 through 12.5, 12.4.3, and 12.3.6 allows XSS in group and profile fields. | Medium (5.4) | 2020-01-03 | General Purpose |
| CVE-2019-19254 | GitLab Community Edition (CE) and Enterprise Edition (EE). 9.6 and later through 12.5 has Incorrect Access Control. | Medium (5.3) | 2020-01-03 | General Purpose |
| CVE-2019-19088 | Gitlab Enterprise Edition (EE) 11.3 through 12.4.2 allows Directory Traversal. | Critical (9.8) | 2020-01-03 | General Purpose |
| CVE-2019-19087 | Gitlab Enterprise Edition (EE) before 12.5.1 has Insecure Permissions (issue 2 of 2). | Medium (4.3) | 2020-01-03 | General Purpose |
| CVE-2019-19086 | Gitlab Enterprise Edition (EE) before 12.5.1 has Insecure Permissions (issue 1 of 2). | Medium (4.3) | 2020-01-03 | General Purpose |