gitlab

1,423 tracked vulnerabilities.

CVE-2020-13343 HIGH
GitLab 11.2.0-13.4.2 - Unauthorized Custom Project Template Exposure
Oct 06, 2020
CVSS 7.5
EPSS 0.02
CVE-2020-13333 MEDIUM
GitLab 13.1-13.3 - Denial of Service via Release Asset Link Update API
Oct 06, 2020
CVSS 4.3
EPSS 0.02
CVE-2020-13338 MEDIUM
GitLab <12.10.13, 13.0.8, 13.1.2 - XSS
Oct 02, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-13337 HIGH
GitLab 12.10-12.10.12 - Stored Cross-Site Scripting via Group Name
Oct 02, 2020
CVSS 7.2
EPSS 0.01
CVE-2020-13336 MEDIUM
GitLab 11.8-12.10.12 - Stored Cross-Site Scripting in Error Tracking Feature
Sep 30, 2020
CVSS 4.0
EPSS 0.01
CVE-2020-13331 MEDIUM
GitLab < 12.10.13 - Stored Cross-Site Scripting in Wiki Pages
Sep 30, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-13330 MEDIUM
GitLab < 12.10.13 - Stored Cross-Site Scripting in Bitbucket Project Import
Sep 30, 2020
CVSS 4.4
EPSS 0.01
CVE-2020-13329 MEDIUM
GitLab 12.6.2-12.10.13 - Stored Cross-Site Scripting in Blob View
Sep 30, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-13328 MEDIUM
GitLab 12.0.0-12.10.13 - Stored Cross-Site Scripting via PyPi Files API
Sep 30, 2020
CVSS 4.8
EPSS 0.01
CVE-2020-13326 MEDIUM
GitLab 11.8.0-12.10.12 - GitHub Project Import Restriction Bypass
Sep 30, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-13325 HIGH
GitLab 12.9.0-12.10.13 - Denial of Service via Issue Comment Section
Sep 30, 2020
CVSS 7.1
EPSS 0.01
CVE-2020-13324 MEDIUM
GitLab 9.4.0-12.10.13 - Unprotected User Data Exposure via API
Sep 30, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-13323 HIGH
GitLab 8.5.0-12.10.13 - Unauthenticated Private Merge Request Exposure via Todos
Sep 30, 2020
CVSS 7.7
EPSS 0.01
CVE-2020-13322 HIGH
GitLab >12.9 - Privilege Escalation
Sep 30, 2020
CVSS 7.2
EPSS 0.01
CVE-2020-13321 HIGH
GitLab < 12.10.13 - Username Format Restriction Bypass
Sep 30, 2020
CVSS 8.3
EPSS 0.01
CVE-2020-13320 MEDIUM
GitLab < 12.10.13 - Unauthorized Security Dashboard Access
Sep 30, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-13319 MEDIUM
GitLab <13.1.2-12.10.13 - Info Disclosure
Sep 30, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-13296 MEDIUM
GitLab >=10.7 <13.0.14, >=13.1.0 <13.1.8, >=13.2.0 <13.2.6 - Info D...
Sep 30, 2020
CVSS 6.5
EPSS 0.02
CVE-2020-13308 LOW
GitLab <13.1.10-13.3.4 - Info Disclosure
Sep 15, 2020
CVSS 2.7
EPSS 0.02
CVE-2020-13307 LOW
GitLab <13.1.10-13.3.4 - Privilege Escalation
Sep 15, 2020
CVSS 3.8
EPSS 0.01
CVE-2020-13303 HIGH
GitLab <13.1.10-13.3.4 - Info Disclosure
Sep 15, 2020
CVSS 7.1
EPSS 0.01
CVE-2020-13315 LOW
GitLab < 13.1.10 - Denial of Service via Profile Activity Page
Sep 14, 2020
CVSS 3.7
EPSS 0.02
CVE-2020-13310 MEDIUM
GitLab Runner < 13.1.3, 13.2.3, 13.3.1 - Denial of Service via Malformed Queries
Sep 14, 2020
CVSS 6.5
EPSS 0.02
CVE-2020-13309 MEDIUM
GitLab <13.1.10-13.3.4 - Blind SSRF
Sep 14, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-13306 LOW
GitLab < 13.1.10 - Denial of Service via Webhook Rate Limitation Bypass
Sep 14, 2020
CVSS 3.7
EPSS 0.02