gitlab

1,423 tracked vulnerabilities.

CVE-2020-13266 MEDIUM
GitLab CE/EE <13.0.1 - Privilege Escalation
Jun 09, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-12448 MEDIUM
GitLab 12.8.0-12.8.9 - Unauthenticated Sensitive Information Exposure via NuGet
May 07, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-12277 MEDIUM
GitLab 10.8-12.9 - Unauthenticated Repository Mirroring via Unauthorized Feature Access
Apr 29, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-12276 MEDIUM
GitLab 9.5.9-12.9 - Stored Cross-Site Scripting in Admin Notification Feature
Apr 29, 2020
CVSS 4.8
EPSS 0.01
CVE-2020-12275 MEDIUM
GitLab 12.6-12.9 - Unauthenticated Privilege Escalation via Personal Snippet API
Apr 29, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-11649 MEDIUM
GitLab 8.15-12.9.2 - Missing Authentication for Critical Function
Apr 22, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-11506 HIGH
GitLab 10.7.0-12.9.2 - Exposure of Sensitive Information via Workhorse Request Smuggling
Apr 22, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-11505 HIGH
GitLab < 12.7.9, 12.8.x < 12.8.9, 12.9.x < 12.9.3 - Exposure of Sensitive Information via Workhorse Request Smuggling
Apr 22, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-10981 MEDIUM
GitLab EE/CE <12.9 - Info Disclosure
Apr 08, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-10980 CRITICAL
GitLab 8.0.0-12.9 - Server-Side Request Forgery via FogBugz Integration
Apr 08, 2020
CVSS 9.8
EPSS 0.02
CVE-2020-10979 MEDIUM
GitLab EE/CE <12.9 - Info Disclosure
Apr 08, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-10978 MEDIUM
GitLab EE/CE 8.11-12.9 - Info Disclosure
Apr 08, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-10977 MEDIUM
GitLab EE/CE <12.9 - Path Traversal
Apr 08, 2020
CVSS 5.5
EPSS 0.43
CVE-2020-10976 HIGH
GitLab EE/CE <12.9 - Info Disclosure
Apr 08, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-10975 MEDIUM
GitLab EE/CE 10.8-12.9 - Info Disclosure
Apr 08, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-10956 CRITICAL
GitLab 8.10-12.9 - Server-Side Request Forgery via Project Import Note Feature
Mar 27, 2020
CVSS 9.8
EPSS 0.01
CVE-2020-10955 MEDIUM
GitLab EE/CE <12.9 - Info Disclosure
Mar 27, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-10954 HIGH
GitLab < 12.9 - Denial of Service via Repository Archive Download
Mar 27, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-10953 HIGH
GitLab 11.7.0-12.9 - Path Traversal via NPM Feature
Mar 27, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-10952 MEDIUM
GitLab EE/CE <12.9.1 - Info Disclosure
Mar 27, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-10077 CRITICAL
GitLab 3.0.0-12.8.1 - Server-Side Request Forgery via Deprecated Service
Mar 13, 2020
CVSS 9.8
EPSS 0.01
CVE-2020-10076 MEDIUM
GitLab 12.1-12.8.1 - Stored Cross-Site Scripting in Merge Request Display
Mar 13, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-10075 MEDIUM
GitLab 12.5-12.8.1 - HTML Injection via Error Header
Mar 13, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-10074 CRITICAL
GitLab 10.1-12.8.1 - Incorrect Access Control via Expired Link
Mar 13, 2020
CVSS 9.8
EPSS 0.01
CVE-2020-10073 HIGH
GitLab EE 12.4.2-12.8.1 - Denial of Service via Project Home Page Permissions Check
Mar 13, 2020
CVSS 7.5
EPSS 0.01