Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
freebsdFreeBSDB17C86B9-E52E-11E9-86E9-001B217B3468
HistorySep 30, 2019 - 12:00 a.m.

Gitlab -- Multiple Vulnerabilities

2019-09-3000:00:00
vuxml.freebsd.org
22

CVSS2

1.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:N/C:P/I:N/A:N

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

EPSS

0.001

Percentile

29.6%

JSON

SO-AND-SO reports:

XSS in Markdown Preview Using Mermaid
Bypass Email Verification using Salesforce Authentication
Account Takeover using SAML
Uncontrolled Resource Consumption in Markdown using Mermaid
Disclosure of Private Project Path and Labels
Disclosure of Assignees via Milestones
Disclosure of Project Path via Unsubscribe Link
Disclosure of Project Milestones via Groups
Disclosure of Private System Notes via GraphQL
GIT Command Injection via API
Bypass User Blocking via CI/CD token
IDOR Adding Groups to Protected Environments
Disclosure of Group Membership via Merge Request Approval Rules
Disclosure of Head Pipeline via Blocking Merge Request Feature
Grafana update

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchgitlab-ce= 12.3.0UNKNOWN
FreeBSDanynoarchgitlab-ce< 12.3.2UNKNOWN

Related

cvelist 1
cve 1
debiancve 1
nessus 12
prion 1
ubuntucve 1
nvd 1
redhatcve 1
symantec 1
openvas 7
ubuntu 1
cloudfoundry 1
debian 1
osv 1
cvelist
cvelist
CVE-2019-19039
2019-11-21 01:40:53
cve
cve
CVE-2019-19039
2019-11-21 02:15:23
debiancve
debiancve
CVE-2019-19039
2019-11-21 02:15:23
nessus
nessus
FreeBSD : Gitlab -- Multiple Vulnerabilities (b17c86b9-e52e-11e9-86e9-001b217b3468)
2019-10-03 00:00:00
EulerOS 2.0 SP5 : kernel (EulerOS-SA-2020-1920)
2020-09-02 00:00:00
Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-4414-1)
2020-07-06 00:00:00
prion
prion
Design/Logic Flaw
2019-11-21 02:15:00
ubuntucve
ubuntucve
CVE-2019-19039
2019-11-21 00:00:00
nvd
nvd
CVE-2019-19039
2019-11-21 02:15:23
redhatcve
redhatcve
CVE-2019-19039
2019-11-22 20:46:41
symantec
symantec
Linux Kernel Information Disclosure and Denial of Service Vulnerabilities
2019-11-20 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2020-1920)
2020-09-04 00:00:00
Ubuntu: Security Advisory (USN-4414-1)
2020-07-03 00:00:00
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2020-1508)
2020-04-20 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2020-07-06 00:00:00
cloudfoundry
cloudfoundry
USN-4414-1: Linux kernel vulnerabilities | Cloud Foundry
2020-07-22 00:00:00
debian
debian
[SECURITY] [DLA 2483-1] linux-4.19 security update
2020-12-10 11:11:34
osv
osv
linux-4.19 - security update
2020-12-05 00:00:00

CVSS2

1.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:N/C:P/I:N/A:N

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

EPSS

0.001

Percentile

29.6%

JSON
Related for B17C86B9-E52E-11E9-86E9-001B217B3468
cvelist1cve1debiancve1nessus12prion1ubuntucve1nvd1redhatcve1symantec1openvas7ubuntu1cloudfoundry1debian1osv1