10 matches found

RedhatCVE
added 2025/04/03 9:36 p.m. · 8 views

CVE-2025-31552

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in davidfcarr RSVPMarker rsvpmaker allows SQL Injection. This issue affects RSVPMarker: from n/a through = 11.6.7...

CVSS 9.3 · AI score 7.4 · EPSS 0.00148
Exploits: 0 · References: 1
Positive Technologies
added 2022/11/23 12:0 a.m. · 2 views

PT-2022-28273 · Unknown · Sweetalert2

Name of the Vulnerable Software and Affected Versions: sweetalert2 versions 11.4.9 and above
Description: The issue concerns hidden functionality introduced by the maintainer, causing the package to output audio and/or video messages unrelated to its intended functionality.
Recommendations: For...

AI score 7.2
Exploits: 0 · References: 4
CNVD
added 2019/08/23 12:0 a.m. · 1 views

GitLab Input Validation Error Vulnerability (CNVD-2020-20440)

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. An input validation error vulnerability exists in GitLab...

CVSS 5.3 · AI score 6.8 · EPSS 0.00101
Exploits: 0 · References: 1
CNVD
added 2019/07/11 12:0 a.m. · 2 views

GitLab EE Information Disclosure Vulnerability

GitLab is an open source application developed using Ruby on Rails that implements a self-hosted Git project repository that can be accessed through a web interface for public and private projects. GitLab EE is the GitLab Enterprise Edition and GitLab CE is the GitLab Community Edition. An...

CVSS 4.3 · AI score 6.2 · EPSS 0.00101
Exploits: 0 · References: 1
Prion
added 2019/07/10 5:15 p.m. · 14 views

Design/Logic Flaw

GitLab EE, versions 11.4 before 11.4.8 and 11.5 before 11.5.1, is affected by an insecure direct object reference vulnerability that permits an unauthorized user to publish the draft merge request comments of another user...

CVSS 4 · AI score 4.7 · EPSS 0.00101
Exploits: 0 · References: 2 · Affected Software: 1
NVD
added 2019/07/10 4:15 p.m. · 17 views

CVE-2018-19572

GitLab CE 8.17 and later and EE 8.3 and later have a symlink time-of-check-to-time-of-use race condition that would allow unauthorized access to files in the GitLab Pages chroot environment. This is fixed in versions 11.5.1, 11.4.8, and 11.3.11...

CVSS 5.9 · AI score 5.4 · EPSS 0.00098
Exploits: 0 · References: 2
Prion
added 2019/07/10 4:15 p.m. · 17 views

Design/Logic Flaw

GitLab CE/EE, versions 10.1 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an insecure direct object reference issue that allows a user to make comments on a locked issue...

CVSS 4 · AI score 4.7 · EPSS 0.00113
Exploits: 0 · References: 3 · Affected Software: 1
Positive Technologies
added 2019/07/10 12:0 a.m. · 1 views

PT-2019-9866 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 8.0 up to 11.3.10; GitLab CE/EE versions 11.4 up to 11.4.7; GitLab CE/EE versions 11.5 up to 11.5.0
Description: The issue allows administrators with access to the logs to see another user's token, as access tokens are...

CVSS 6.5 · AI score 6.7 · EPSS 0.0014
Exploits: 0 · References: 10
Positive Technologies
added 2019/07/10 12:0 a.m. · 2 views

PT-2019-9853 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 11.3 before 11.3.11; GitLab CE/EE versions 11.4 before 11.4.8; GitLab CE/EE versions 11.5 before 11.5.1
Description: The issue is related to an XSS vulnerability in Markdown fields via unrecognized HTML tags...

CVSS 5.4 · AI score 5.7 · EPSS 0.00075
Exploits: 0 · References: 7
Positive Technologies
added 2019/07/10 12:0 a.m. · 2 views

PT-2019-9856 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 10.3 through 11.5 before 11.5.1; GitLab CE/EE version 11.4 before 11.4.8; GitLab CE/EE version 11.3 before 11.3.11
Description: The issue is related to an XSS vulnerability in Markdown fields via Mermaid.
Recommendations:...

CVSS 5.4 · AI score 5.7 · EPSS 0.00075
Exploits: 0 · References: 7