gitlab
1,423 tracked vulnerabilities.
CVE-2020-13343
HIGH
GitLab 11.2.0-13.4.2 - Unauthorized Custom Project Template Exposure
Oct 06, 2020
CVSS 7.5
EPSS 0.02
CVE-2020-13333
MEDIUM
GitLab 13.1-13.3 - Denial of Service via Release Asset Link Update API
Oct 06, 2020
CVSS 4.3
EPSS 0.02
CVE-2020-13338
MEDIUM
GitLab <12.10.13, 13.0.8, 13.1.2 - XSS
Oct 02, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-13337
HIGH
GitLab 12.10-12.10.12 - Stored Cross-Site Scripting via Group Name
Oct 02, 2020
CVSS 7.2
EPSS 0.01
CVE-2020-13336
MEDIUM
GitLab 11.8-12.10.12 - Stored Cross-Site Scripting in Error Tracking Feature
Sep 30, 2020
CVSS 4.0
EPSS 0.01
CVE-2020-13331
MEDIUM
GitLab < 12.10.13 - Stored Cross-Site Scripting in Wiki Pages
Sep 30, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-13330
MEDIUM
GitLab < 12.10.13 - Stored Cross-Site Scripting in Bitbucket Project Import
Sep 30, 2020
CVSS 4.4
EPSS 0.01
CVE-2020-13329
MEDIUM
GitLab 12.6.2-12.10.13 - Stored Cross-Site Scripting in Blob View
Sep 30, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-13328
MEDIUM
GitLab 12.0.0-12.10.13 - Stored Cross-Site Scripting via PyPi Files API
Sep 30, 2020
CVSS 4.8
EPSS 0.01
CVE-2020-13326
MEDIUM
GitLab 11.8.0-12.10.12 - GitHub Project Import Restriction Bypass
Sep 30, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-13325
HIGH
GitLab 12.9.0-12.10.13 - Denial of Service via Issue Comment Section
Sep 30, 2020
CVSS 7.1
EPSS 0.01
CVE-2020-13324
MEDIUM
GitLab 9.4.0-12.10.13 - Unprotected User Data Exposure via API
Sep 30, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-13323
HIGH
GitLab 8.5.0-12.10.13 - Unauthenticated Private Merge Request Exposure via Todos
Sep 30, 2020
CVSS 7.7
EPSS 0.01
CVE-2020-13322
HIGH
GitLab >12.9 - Privilege Escalation
Sep 30, 2020
CVSS 7.2
EPSS 0.01
CVE-2020-13321
HIGH
GitLab < 12.10.13 - Username Format Restriction Bypass
Sep 30, 2020
CVSS 8.3
EPSS 0.01
CVE-2020-13320
MEDIUM
GitLab < 12.10.13 - Unauthorized Security Dashboard Access
Sep 30, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-13319
MEDIUM
GitLab <13.1.2-12.10.13 - Info Disclosure
Sep 30, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-13296
MEDIUM
GitLab >=10.7 <13.0.14, >=13.1.0 <13.1.8, >=13.2.0 <13.2.6 - Info D...
Sep 30, 2020
CVSS 6.5
EPSS 0.02
CVE-2020-13308
LOW
GitLab <13.1.10-13.3.4 - Info Disclosure
Sep 15, 2020
CVSS 2.7
EPSS 0.02
CVE-2020-13307
LOW
GitLab <13.1.10-13.3.4 - Privilege Escalation
Sep 15, 2020
CVSS 3.8
EPSS 0.01
CVE-2020-13303
HIGH
GitLab <13.1.10-13.3.4 - Info Disclosure
Sep 15, 2020
CVSS 7.1
EPSS 0.01
CVE-2020-13315
LOW
GitLab < 13.1.10 - Denial of Service via Profile Activity Page
Sep 14, 2020
CVSS 3.7
EPSS 0.02
CVE-2020-13310
MEDIUM
GitLab Runner < 13.1.3, 13.2.3, 13.3.1 - Denial of Service via Malformed Queries
Sep 14, 2020
CVSS 6.5
EPSS 0.02
CVE-2020-13309
MEDIUM
GitLab <13.1.10-13.3.4 - Blind SSRF
Sep 14, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-13306
LOW
GitLab < 13.1.10 - Denial of Service via Webhook Rate Limitation Bypass
Sep 14, 2020
CVSS 3.7
EPSS 0.02