gitlab

1,383 tracked vulnerabilities.

CVE-2020-26414 MEDIUM
GitLab 12.4.0-13.5.5 - Denial of Service via Malicious Package Name Input
Jan 15, 2021
CVSS 4.3
EPSS 0.00
CVE-2020-26411 MEDIUM
GitLab <13.4.7, <13.5.5, <13.6.2 - DoS
Dec 11, 2020
CVSS 4.3
EPSS 0.00
CVE-2020-26417 MEDIUM
GitLab CE/EE 13.1-<13.4.7, 13.5-<13.5.5, 13.6-<13.6.2 - Info Disclo...
Dec 11, 2020
CVSS 5.3
EPSS 0.00
CVE-2020-26416 MEDIUM
GitLab 8.4.0-13.4.6 13.5.0-13.5.4 13.6.0-13.6.1 - Information Disclosure in Advanced Search
Dec 11, 2020
CVSS 4.0
EPSS 0.00
CVE-2020-26415 MEDIUM
GitLab <13.4.7,<13.5.5,<13.6.2 - Info Disclosure
Dec 11, 2020
CVSS 4.3
EPSS 0.00
CVE-2020-26413 MEDIUM NUCLEI
GitLab CE/EE <13.6.2 - Info Disclosure
Dec 11, 2020
CVSS 5.3
EPSS 0.82
CVE-2020-26412 LOW
GitLab EE <13.6.2 - Info Disclosure
Dec 11, 2020
CVSS 3.1
EPSS 0.00
CVE-2020-26408 MEDIUM
GitLab 12.2.0-13.4.6, 13.5.0-13.5.4, 13.6.0-13.6.1 - Limited Information Disclosure in Private Profile
Dec 11, 2020
CVSS 5.3
EPSS 0.00
CVE-2020-13357 MEDIUM
GitLab CE/EE <13.4.7/<13.5.5/<13.6.2 - Info Disclosure
Dec 11, 2020
CVSS 4.3
EPSS 0.00
CVE-2020-26409 MEDIUM
GitLab CE/EE >=10.3,<13.4.7,-<13.5.5,-<13.6.2 - DoS
Dec 11, 2020
CVSS 4.3
EPSS 0.00
CVE-2020-26407 MEDIUM
GitLab 12.4-13.4.6, 13.5-13.5.4, 13.6-13.6.1 - Stored Cross-Site Scripting via Malicious Project Import
Dec 10, 2020
CVSS 5.5
EPSS 0.00
CVE-2020-13359 HIGH
GitLab 12.10-13.2.9 13.4-13.4.4 13.5-13.5.1 - Authenticated Terraform State Overwrite via Delete Operation
Nov 19, 2020
CVSS 7.6
EPSS 0.00
CVE-2020-13356 HIGH
GitLab CE/EE >=8.8.9,<13.3.9 - Auth Bypass
Nov 19, 2020
CVSS 8.2
EPSS 0.00
CVE-2020-13355 HIGH
GitLab CE/EE >=8.14,<13.3.9,>=13.4,<13.4.5,>=13.5,<13.5.2 - Path Tr...
Nov 19, 2020
CVSS 7.5
EPSS 0.00
CVE-2020-26405 HIGH
GitLab 12.8-13.2.9 13.4-13.4.4 13.5-13.5.1 - Path Traversal and Arbitrary File Write via Package Upload
Nov 17, 2020
CVSS 7.1
EPSS 0.01
CVE-2020-13349 MEDIUM
GitLab 8.12.0-13.3.8, 13.4.0-13.4.4, 13.5.0-13.5.1 - Denial of Service via Advanced Search Regex
Nov 17, 2020
CVSS 4.3
EPSS 0.00
CVE-2020-13348 MEDIUM
GitLab EE -<13.3.9,-13.4.5,-13.5.2 - Privilege Escalation
Nov 17, 2020
CVSS 5.7
EPSS 0.00
CVE-2020-13351 MEDIUM
GitLab CE/EE 13.0-13.3.9,13.4.0-13.4.5,13.5.0-13.5.2 - Info Disclosure
Nov 17, 2020
CVSS 6.5
EPSS 0.00
CVE-2020-13350 LOW
GitLab CE/EE >=13.5.0,<13.5.2,>=13.4.0,<13.4.5,<13.3.9 - CSRF
Nov 17, 2020
CVSS 3.1
EPSS 0.00
CVE-2020-26406 MEDIUM
GitLab 13.3-13.3.8, 13.4-13.4.4, 13.5-13.5.1 - Unauthorized SAST CiConfiguration Information Disclosure via GraphQL
Nov 17, 2020
CVSS 5.3
EPSS 0.00
CVE-2020-13358 MEDIUM
GitLab CE/EE 13.3-13.4.5, 13.3-13.3.9, 13.5-13.5.2 - Unauthorized A...
Nov 17, 2020
CVSS 4.7
EPSS 0.00
CVE-2020-13354 MEDIUM
GitLab 12.6.0-13.3.8 - Denial of Service via Container Registry Name Check
Nov 17, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-13353 LOW
Gitaly 1.79.0-13.3.9 - Insufficient Session Expiration via URL Repository Import
Nov 17, 2020
CVSS 2.5
EPSS 0.00
CVE-2020-13352 LOW
GitLab CE/EE >=10.2,<13.3.9,>=13.4,<13.4.5,>=13.5,<13.5.2 - Info Di...
Nov 17, 2020
CVSS 3.7
EPSS 0.00
CVE-2020-13327 MEDIUM
GitLab Runner <13.4.2-<13.3.7-<13.2.10 - Info Disclosure
Oct 22, 2020
CVSS 6.0
EPSS 0.00