gitlab

1,423 tracked vulnerabilities.

CVE-2020-10092 MEDIUM
GitLab 12.1-12.8.1 - Stored Cross-Site Scripting in Grafana Integration View
Mar 13, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-10091 MEDIUM
GitLab 9.3.0-12.8.1 - Cross-Site Scripting via File Viewer
Mar 13, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-10090 MEDIUM
GitLab 11.7-12.8.1 - Unauthorized Information Disclosure in Group Epic Data
Mar 13, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-10089 HIGH
GitLab 8.11-12.8.1 - Denial of Service via Recursive Feature Requests
Mar 13, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-10088 HIGH
GitLab 12.5-12.8.1 - Insecure Permissions via Group Invitation
Mar 13, 2020
CVSS 8.1
EPSS 0.01
CVE-2020-10087 HIGH
GitLab < 12.8.2 - Information Disclosure via Badge Image Proxy Bypass
Mar 13, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-10086 MEDIUM
GitLab 10.4-12.8.1 - Path Traversal and Arbitrary File Read
Mar 13, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-10085 MEDIUM
GitLab 12.3.5-12.8.1 - Information Disclosure via Merge Request Title Exposure
Mar 13, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-10084 MEDIUM
GitLab 11.6.0-12.8.1 - Information Disclosure via Vulnerability Feedback Endpoint
Mar 13, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-10083 CRITICAL
GitLab 12.7-12.8.1 - Insecure Permissions
Mar 13, 2020
CVSS 9.1
EPSS 0.01
CVE-2020-10082 MEDIUM
GitLab 12.2-12.8.1 - Denial of Service via Public Issue Designs
Mar 13, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-10081 MEDIUM
GitLab < 12.8.2 - Incorrect Access Control in LFS Import Process
Mar 13, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-10080 MEDIUM
GitLab 8.3-12.8.1 - Unauthenticated Information Disclosure via Contribution Analytics Page
Mar 13, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-10079 MEDIUM
GitLab 7.10.0-12.8.1 - Missing Authentication for Critical Function
Mar 13, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-10078 MEDIUM
GitLab 12.1-12.8.1 - Stored Cross-Site Scripting in Merge Request Submission Form
Mar 13, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-10535 MEDIUM
GitLab 12.8.0-12.8.5 - Unauthenticated Email Domain Restriction Bypass
Mar 12, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-8113 CRITICAL
GitLab 10.7-12.7.2 - Incorrect Access Control
Mar 06, 2020
CVSS 9.8
EPSS 0.01
CVE-2020-8795 HIGH
GitLab EE <12.7.5 - Info Disclosure
Feb 17, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-6833 HIGH
GitLab 11.3.0-12.5.9 - Package and File Disclosure via Request Smuggling
Feb 05, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-7978 HIGH
GitLab 12.6.0-12.6.5 - Denial of Service
Feb 05, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-7977 MEDIUM
GitLab EE <12.7.2 - Info Disclosure
Feb 05, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-7976 MEDIUM
GitLab 12.4.0-12.5.9 - Incorrect Access Control
Feb 05, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-7974 MEDIUM
GitLab EE <12.7.2 - Info Disclosure
Feb 05, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-7973 MEDIUM
GitLab < 12.5.9 - Cross-Site Scripting
Feb 05, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-7972 HIGH
GitLab 12.0-12.5.9 - Insecure Default Permissions
Feb 05, 2020
CVSS 7.5
EPSS 0.01