gitlab
1,423 tracked vulnerabilities.
CVE-2020-13290
HIGH
GitLab <13.0.12-13.2.3 - Info Disclosure
Aug 12, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-13288
MEDIUM
GitLab 13.0.0-13.0.11 - Stored Cross-Site Scripting in CI/CD Jobs Page
Aug 12, 2020
CVSS 5.5
EPSS 0.04
CVE-2020-13295
MEDIUM
GitLab Runner <13.0.12-13.2.3 - SSRF
Aug 10, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-13294
MEDIUM
GitLab <13.0.12-13.2.3 - Info Disclosure
Aug 10, 2020
CVSS 4.2
EPSS 0.01
CVE-2020-13293
MEDIUM
GitLab <13.0.12-13.2.3 - Info Disclosure
Aug 10, 2020
CVSS 6.3
EPSS 0.01
CVE-2020-13292
CRITICAL
GitLab <13.0.12-13.2.3 - Auth Bypass
Aug 10, 2020
CVSS 9.6
EPSS 0.01
CVE-2020-15525
MEDIUM
GitLab EE <13.1.2 - Info Disclosure
Jul 07, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-13279
HIGH
GitLab-Visual Studio Code Extension <2.2.0 - RCE
Jun 22, 2020
CVSS 8.6
EPSS 0.01
CVE-2020-13264
MEDIUM
GitLab CE/EE <13.0.1 - Info Disclosure
Jun 19, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-13263
HIGH
GitLab EE 9.5-13.0.1 - Incorrect Authorization via Project Maintainer Impersonation
Jun 19, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-13261
MEDIUM
GitLab CE/EE <13.0.1 - Info Disclosure
Jun 19, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-13276
HIGH
GitLab CE/EE <13.0.1 - Info Disclosure
Jun 19, 2020
CVSS 7.4
EPSS 0.01
CVE-2020-13275
HIGH
GitLab EE <13.0.1 - Info Disclosure
Jun 19, 2020
CVSS 8.0
EPSS 0.01
CVE-2020-13274
HIGH
GitLab - Denial of Service via Malicious Artifact Upload
Jun 19, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-13273
HIGH
GitLab 12.0.0-13.0.1 - Denial of Service via Resource Exhaustion
Jun 19, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-13272
HIGH
OAuth flow - Unverified User Access
Jun 19, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-13265
MEDIUM
GitLab 12.5.0-13.0.1 - Email Verification Bypass
Jun 19, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-13262
MEDIUM
GitLab CE/EE <13.0.1 - Code Injection
Jun 19, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-13277
MEDIUM
GitLab CE/EE <13.0.5 - Info Disclosure
Jun 19, 2020
CVSS 6.3
EPSS 0.02
CVE-2020-14155
MEDIUM
PCRE < 8.44 - Integer Overflow via Large Number After (?C Substring
Jun 15, 2020
CVSS 5.3
EPSS 0.04
CVE-2020-13271
MEDIUM
GitLab < 13.0.1 - Stored Cross-Site Scripting in Blobs API
Jun 10, 2020
CVSS 6.1
EPSS 0.02
CVE-2020-13270
HIGH
GitLab CE/EE <13.0.1 - Privilege Escalation
Jun 10, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-13269
MEDIUM
GitLab 12.10.0-12.10.7 - Reflected Cross-Site Scripting in Static Site Editor
Jun 10, 2020
CVSS 6.1
EPSS 0.02
CVE-2020-13268
MEDIUM
GitLab CE/EE <13.0.1 - Info Disclosure
Jun 10, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-13267
MEDIUM
GitLab 12.8.0-13.0.1 - Stored Cross-Site Scripting in Metrics Dashboard
Jun 10, 2020
CVSS 6.1
EPSS 0.02