gitlab

1,423 tracked vulnerabilities.

CVE-2021-22192 CRITICAL
GitLab CE/EE <13.2 - Authenticated RCE
Mar 24, 2021
CVSS 9.9
EPSS 0.13
CVE-2021-22186 MEDIUM
GitLab 9.4.0-13.7.7 - Incorrect Authorization in Group CI/CD Variables
Mar 24, 2021
CVSS 4.9
EPSS 0.01
CVE-2021-22185 MEDIUM
GitLab 13.8.0-13.8.4 - Stored Cross-Site Scripting in Wikis via Crafted Commit
Mar 24, 2021
CVSS 5.4
EPSS 0.01
CVE-2021-22179 MEDIUM
GitLab 12.2.0-13.6.5 - Server-Side Request Forgery via Outbound Requests
Mar 24, 2021
CVSS 5.4
EPSS 0.01
CVE-2021-22178 MEDIUM
GitLab 13.2.0-13.6.6 - Server-Side Request Forgery via Prometheus Integration
Mar 24, 2021
CVSS 5.0
EPSS 0.01
CVE-2021-22176 MEDIUM
GitLab 3.0.1-13.6.7 - Incorrect Authorization for Demoted Project Members
Mar 24, 2021
CVSS 4.3
EPSS 0.01
CVE-2021-22189 MEDIUM
GitLab < 13.6.7 - Improper Certificate Validation for Fortinet OTP
Mar 04, 2021
CVSS 5.9
EPSS 0.01
CVE-2021-22183 MEDIUM
GitLab 11.8-13.6.5 - Stored Cross-Site Scripting in Epics Page
Mar 04, 2021
CVSS 4.1
EPSS 0.01
CVE-2021-22188 MEDIUM
GitLab 13.0.0-13.6.6 - Unauthenticated Confidential Issue Title Exposure via Branch Logs
Mar 03, 2021
CVSS 5.3
EPSS 0.01
CVE-2021-22182 LOW
GitLab 13.7.0-13.7.5 - Stored Cross-Site Scripting in Merge Request
Mar 03, 2021
CVSS 3.5
EPSS 0.01
CVE-2021-22187 MEDIUM
GitLab < 13.6.7 - Uncontrolled Resource Consumption via Deleted Project Job Persistence
Mar 02, 2021
CVSS 4.3
EPSS 0.01
CVE-2021-22171 HIGH
GitLab 11.5.0-13.5.5 - API Token Theft via Malicious Link
Jan 15, 2021
CVSS 7.3
EPSS 0.01
CVE-2021-22168 MEDIUM
GitLab 12.8.0-13.5.5 - Regular Expression Denial of Service in NuGet API
Jan 15, 2021
CVSS 4.3
EPSS 0.01
CVE-2021-22167 MEDIUM
GitLab 12.1.0-13.5.5 - Unauthenticated Temporary Private Repository Access via Incorrect Headers
Jan 15, 2021
CVSS 5.3
EPSS 0.02
CVE-2021-22166 MEDIUM
GitLab 13.7.0-13.7.1 - Denial of Service via Malformed HTTP Method
Jan 15, 2021
CVSS 5.3
EPSS 0.01
CVE-2020-26414 MEDIUM
GitLab 12.4.0-13.5.5 - Denial of Service via Malicious Package Name Input
Jan 15, 2021
CVSS 4.3
EPSS 0.02
CVE-2020-26411 MEDIUM
Gitlab <13.4.7, <13.5.5, <13.6.2 - DoS
Dec 11, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-26417 MEDIUM
GitLab CE/EE 13.1-<13.4.7, 13.5-<13.5.5, 13.6-<13.6.2 - Info Disclo...
Dec 11, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-26416 MEDIUM
GitLab 8.4.0-13.4.6 13.5.0-13.5.4 13.6.0-13.6.1 - Information Disclosure in Advanced Search
Dec 11, 2020
CVSS 4.0
EPSS 0.00
CVE-2020-26415 MEDIUM
GitLab <13.4.7,<13.5.5,<13.6.2 - Info Disclosure
Dec 11, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-26413 MEDIUM NUCLEI
GitLab CE/EE <13.6.2 - Info Disclosure
Dec 11, 2020
CVSS 5.3
EPSS 0.34
CVE-2020-26412 LOW
GitLab EE <13.6.2 - Info Disclosure
Dec 11, 2020
CVSS 3.1
EPSS 0.01
CVE-2020-26408 MEDIUM
GitLab 12.2.0-13.4.6, 13.5.0-13.5.4, 13.6.0-13.6.1 - Limited Information Disclosure in Private Profile
Dec 11, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-13357 MEDIUM
Gitlab CE/EE <13.4.7/<13.5.5/<13.6.2 - Info Disclosure
Dec 11, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-26409 MEDIUM
Gitlab CE/EE >=10.3,<13.4.7,-<13.5.5,-<13.6.2 - DoS
Dec 11, 2020
CVSS 4.3
EPSS 0.01