CVE-2019-19310

GitLab Enterprise Edition (EE) 9.0 and later through 12.5 allows Information Disclosure.

Source: CVE-2019-19310

CVE-2019-5064

An exploitable heap buffer overflow vulnerability exists in the data structure persistence functionality of OpenCV, version 4.1.0. A specially crafted JSON file can cause a buffer overflow, resulting in multiple heap corruptions and potentially code execution. An attacker can provide a specially crafted file to trigger this vulnerability.

Source: CVE-2019-5064

CVE-2019-19262

GitLab Enterprise Edition (EE) 11.9 and later through 12.5 has Insecure Permissions.

Source: CVE-2019-19262

CVE-2019-19261

GitLab Enterprise Edition (EE) 6.7 and later through 12.5 allows SSRF.

Source: CVE-2019-19261

CVE-2019-19255

GitLab Enterprise Edition (EE) 12.3 and later through 12.5 has Incorrect Access Control.

Source: CVE-2019-19255

CVE-2019-19258

GitLab Enterprise Edition (EE) 10.8 and later through 12.5 has Incorrect Access Control.

Source: CVE-2019-19258

CVE-2019-19256

GitLab Enterprise Edition (EE) 12.2 and later through 12.5 has Incorrect Access Control.

Source: CVE-2019-19256

CVE-2019-19260

GitLab Community Edition (CE) and Enterprise Edition (EE) through 12.5 has Incorrect Access Control (issue 2 of 2).

Source: CVE-2019-19260

CVE-2019-19263

GitLab Enterprise Edition (EE) 8.2 and later through 12.5 has Insecure Permissions.

Source: CVE-2019-19263

CVE-2019-19257

GitLab Community Edition (CE) and Enterprise Edition (EE) through 12.5 has Incorrect Access Control (issue 1 of 2).

Source: CVE-2019-19257