gitlab

1,383 tracked vulnerabilities.

CVE-2020-13272 HIGH
OAuth flow - Unverified User Access
Jun 19, 2020
CVSS 7.5
EPSS 0.00

CVE-2020-13265 MEDIUM
GitLab 12.5.0-13.0.1 - Email Verification Bypass
Jun 19, 2020
CVSS 4.3
EPSS 0.00

CVE-2020-13262 MEDIUM
GitLab CE/EE <13.0.1 - Code Injection
Jun 19, 2020
CVSS 6.1
EPSS 0.00

CVE-2020-13277 MEDIUM
GitLab CE/EE <13.0.5 - Info Disclosure
Jun 19, 2020
CVSS 6.3
EPSS 0.05

CVE-2020-14155 MEDIUM
PCRE < 8.44 - Integer Overflow via Large Number After (?C Substring
Jun 15, 2020
CVSS 5.3
EPSS 0.00

CVE-2020-13271 MEDIUM
GitLab < 13.0.1 - Stored Cross-Site Scripting in Blobs API
Jun 10, 2020
CVSS 6.1
EPSS 0.00

CVE-2020-13270 HIGH
GitLab CE/EE <13.0.1 - Privilege Escalation
Jun 10, 2020
CVSS 7.5
EPSS 0.00

CVE-2020-13269 MEDIUM
GitLab 12.10.0-12.10.7 - Reflected Cross-Site Scripting in Static Site Editor
Jun 10, 2020
CVSS 6.1
EPSS 0.00

CVE-2020-13268 MEDIUM
GitLab CE/EE <13.0.1 - Info Disclosure
Jun 10, 2020
CVSS 5.3
EPSS 0.00

CVE-2020-13267 MEDIUM
GitLab 12.8.0-13.0.1 - Stored Cross-Site Scripting in Metrics Dashboard
Jun 10, 2020
CVSS 6.1
EPSS 0.00

CVE-2020-13266 MEDIUM
GitLab CE/EE <13.0.1 - Privilege Escalation
Jun 09, 2020
CVSS 4.3
EPSS 0.00

CVE-2020-12448 MEDIUM
GitLab 12.8.0-12.8.9 - Unauthenticated Sensitive Information Exposure via NuGet
May 07, 2020
CVSS 5.3
EPSS 0.00

CVE-2020-12277 MEDIUM
GitLab 10.8-12.9 - Unauthenticated Repository Mirroring via Unauthorized Feature Access
Apr 29, 2020
CVSS 5.3
EPSS 0.00

CVE-2020-12276 MEDIUM
GitLab 9.5.9-12.9 - Stored Cross-Site Scripting in Admin Notification Feature
Apr 29, 2020
CVSS 4.8
EPSS 0.00

CVE-2020-12275 MEDIUM
GitLab 12.6-12.9 - Unauthenticated Privilege Escalation via Personal Snippet API
Apr 29, 2020
CVSS 5.3
EPSS 0.00

CVE-2020-11649 MEDIUM
GitLab 8.15-12.9.2 - Missing Authentication for Critical Function
Apr 22, 2020
CVSS 6.5
EPSS 0.00

CVE-2020-11506 HIGH
GitLab 10.7.0-12.9.2 - Exposure of Sensitive Information via Workhorse Request Smuggling
Apr 22, 2020
CVSS 7.5
EPSS 0.00

CVE-2020-11505 HIGH
GitLab < 12.7.9, 12.8.x < 12.8.9, 12.9.x < 12.9.3 - Exposure of Sensitive Information via Workhorse Request Smuggling
Apr 22, 2020
CVSS 7.5
EPSS 0.00

CVE-2020-10981 MEDIUM
GitLab EE/CE <12.9 - Info Disclosure
Apr 08, 2020
CVSS 4.3
EPSS 0.00

CVE-2020-10980 CRITICAL
GitLab 8.0.0-12.9 - Server-Side Request Forgery via FogBugz Integration
Apr 08, 2020
CVSS 9.8
EPSS 0.00

CVE-2020-10979 MEDIUM
GitLab EE/CE <12.9 - Info Disclosure
Apr 08, 2020
CVSS 4.3
EPSS 0.00

CVE-2020-10978 MEDIUM
GitLab EE/CE 8.11-12.9 - Info Disclosure
Apr 08, 2020
CVSS 5.3
EPSS 0.00

CVE-2020-10977 MEDIUM
GitLab EE/CE <12.9 - Path Traversal
Apr 08, 2020
CVSS 5.5
EPSS 0.05

CVE-2020-10976 HIGH
GitLab EE/CE <12.9 - Info Disclosure
Apr 08, 2020
CVSS 7.5
EPSS 0.00

CVE-2020-10975 MEDIUM
GitLab EE/CE 10.8-12.9 - Info Disclosure
Apr 08, 2020
CVSS 4.3
EPSS 0.00