gitlab
1,423 tracked vulnerabilities.
CVE-2020-10092
MEDIUM
GitLab 12.1-12.8.1 - Stored Cross-Site Scripting in Grafana Integration View
Mar 13, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-10091
MEDIUM
GitLab 9.3.0-12.8.1 - Cross-Site Scripting via File Viewer
Mar 13, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-10090
MEDIUM
GitLab 11.7-12.8.1 - Unauthorized Information Disclosure in Group Epic Data
Mar 13, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-10089
HIGH
GitLab 8.11-12.8.1 - Denial of Service via Recursive Feature Requests
Mar 13, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-10088
HIGH
GitLab 12.5-12.8.1 - Insecure Permissions via Group Invitation
Mar 13, 2020
CVSS 8.1
EPSS 0.01
CVE-2020-10087
HIGH
GitLab < 12.8.2 - Information Disclosure via Badge Image Proxy Bypass
Mar 13, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-10086
MEDIUM
GitLab 10.4-12.8.1 - Path Traversal and Arbitrary File Read
Mar 13, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-10085
MEDIUM
GitLab 12.3.5-12.8.1 - Information Disclosure via Merge Request Title Exposure
Mar 13, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-10084
MEDIUM
GitLab 11.6.0-12.8.1 - Information Disclosure via Vulnerability Feedback Endpoint
Mar 13, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-10083
CRITICAL
GitLab 12.7-12.8.1 - Insecure Permissions
Mar 13, 2020
CVSS 9.1
EPSS 0.01
CVE-2020-10082
MEDIUM
GitLab 12.2-12.8.1 - Denial of Service via Public Issue Designs
Mar 13, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-10081
MEDIUM
GitLab < 12.8.2 - Incorrect Access Control in LFS Import Process
Mar 13, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-10080
MEDIUM
GitLab 8.3-12.8.1 - Unauthenticated Information Disclosure via Contribution Analytics Page
Mar 13, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-10079
MEDIUM
GitLab 7.10.0-12.8.1 - Missing Authentication for Critical Function
Mar 13, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-10078
MEDIUM
GitLab 12.1-12.8.1 - Stored Cross-Site Scripting in Merge Request Submission Form
Mar 13, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-10535
MEDIUM
GitLab 12.8.0-12.8.5 - Unauthenticated Email Domain Restriction Bypass
Mar 12, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-8113
CRITICAL
GitLab 10.7-12.7.2 - Incorrect Access Control
Mar 06, 2020
CVSS 9.8
EPSS 0.01
CVE-2020-8795
HIGH
GitLab EE <12.7.5 - Info Disclosure
Feb 17, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-6833
HIGH
GitLab 11.3.0-12.5.9 - Package and File Disclosure via Request Smuggling
Feb 05, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-7978
HIGH
GitLab 12.6.0-12.6.5 - Denial of Service
Feb 05, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-7977
MEDIUM
GitLab EE <12.7.2 - Info Disclosure
Feb 05, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-7976
MEDIUM
GitLab 12.4.0-12.5.9 - Incorrect Access Control
Feb 05, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-7974
MEDIUM
GitLab EE <12.7.2 - Info Disclosure
Feb 05, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-7973
MEDIUM
GitLab < 12.5.9 - Cross-Site Scripting
Feb 05, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-7972
HIGH
GitLab 12.0-12.5.9 - Insecure Default Permissions
Feb 05, 2020
CVSS 7.5
EPSS 0.01