gitlab
1,423 tracked vulnerabilities.
CVE-2021-22192
CRITICAL
GitLab CE/EE <13.2 - Authenticated RCE
Mar 24, 2021
CVSS 9.9
EPSS 0.13
CVE-2021-22186
MEDIUM
GitLab 9.4.0-13.7.7 - Incorrect Authorization in Group CI/CD Variables
Mar 24, 2021
CVSS 4.9
EPSS 0.01
CVE-2021-22185
MEDIUM
GitLab 13.8.0-13.8.4 - Stored Cross-Site Scripting in Wikis via Crafted Commit
Mar 24, 2021
CVSS 5.4
EPSS 0.01
CVE-2021-22179
MEDIUM
GitLab 12.2.0-13.6.5 - Server-Side Request Forgery via Outbound Requests
Mar 24, 2021
CVSS 5.4
EPSS 0.01
CVE-2021-22178
MEDIUM
GitLab 13.2.0-13.6.6 - Server-Side Request Forgery via Prometheus Integration
Mar 24, 2021
CVSS 5.0
EPSS 0.01
CVE-2021-22176
MEDIUM
GitLab 3.0.1-13.6.7 - Incorrect Authorization for Demoted Project Members
Mar 24, 2021
CVSS 4.3
EPSS 0.01
CVE-2021-22189
MEDIUM
GitLab < 13.6.7 - Improper Certificate Validation for Fortinet OTP
Mar 04, 2021
CVSS 5.9
EPSS 0.01
CVE-2021-22183
MEDIUM
GitLab 11.8-13.6.5 - Stored Cross-Site Scripting in Epics Page
Mar 04, 2021
CVSS 4.1
EPSS 0.01
CVE-2021-22188
MEDIUM
GitLab 13.0.0-13.6.6 - Unauthenticated Confidential Issue Title Exposure via Branch Logs
Mar 03, 2021
CVSS 5.3
EPSS 0.01
CVE-2021-22182
LOW
GitLab 13.7.0-13.7.5 - Stored Cross-Site Scripting in Merge Request
Mar 03, 2021
CVSS 3.5
EPSS 0.01
CVE-2021-22187
MEDIUM
GitLab < 13.6.7 - Uncontrolled Resource Consumption via Deleted Project Job Persistence
Mar 02, 2021
CVSS 4.3
EPSS 0.01
CVE-2021-22171
HIGH
GitLab 11.5.0-13.5.5 - API Token Theft via Malicious Link
Jan 15, 2021
CVSS 7.3
EPSS 0.01
CVE-2021-22168
MEDIUM
GitLab 12.8.0-13.5.5 - Regular Expression Denial of Service in NuGet API
Jan 15, 2021
CVSS 4.3
EPSS 0.01
CVE-2021-22167
MEDIUM
GitLab 12.1.0-13.5.5 - Unauthenticated Temporary Private Repository Access via Incorrect Headers
Jan 15, 2021
CVSS 5.3
EPSS 0.02
CVE-2021-22166
MEDIUM
GitLab 13.7.0-13.7.1 - Denial of Service via Malformed HTTP Method
Jan 15, 2021
CVSS 5.3
EPSS 0.01
CVE-2020-26414
MEDIUM
GitLab 12.4.0-13.5.5 - Denial of Service via Malicious Package Name Input
Jan 15, 2021
CVSS 4.3
EPSS 0.02
CVE-2020-26411
MEDIUM
Gitlab <13.4.7, <13.5.5, <13.6.2 - DoS
Dec 11, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-26417
MEDIUM
GitLab CE/EE 13.1-<13.4.7, 13.5-<13.5.5, 13.6-<13.6.2 - Info Disclo...
Dec 11, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-26416
MEDIUM
GitLab 8.4.0-13.4.6 13.5.0-13.5.4 13.6.0-13.6.1 - Information Disclosure in Advanced Search
Dec 11, 2020
CVSS 4.0
EPSS 0.00
CVE-2020-26415
MEDIUM
GitLab <13.4.7,<13.5.5,<13.6.2 - Info Disclosure
Dec 11, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-26413
MEDIUM
NUCLEI
GitLab CE/EE <13.6.2 - Info Disclosure
Dec 11, 2020
CVSS 5.3
EPSS 0.34
CVE-2020-26412
LOW
GitLab EE <13.6.2 - Info Disclosure
Dec 11, 2020
CVSS 3.1
EPSS 0.01
CVE-2020-26408
MEDIUM
GitLab 12.2.0-13.4.6, 13.5.0-13.5.4, 13.6.0-13.6.1 - Limited Information Disclosure in Private Profile
Dec 11, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-13357
MEDIUM
Gitlab CE/EE <13.4.7/<13.5.5/<13.6.2 - Info Disclosure
Dec 11, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-26409
MEDIUM
Gitlab CE/EE >=10.3,<13.4.7,-<13.5.5,-<13.6.2 - DoS
Dec 11, 2020
CVSS 4.3
EPSS 0.01