Vulnerabilities > Gitlab
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-07 | CVE-2021-22233 | Information Exposure vulnerability in Gitlab An information disclosure vulnerability in GitLab EE versions 13.10 and later allowed a user to read project details | 4.0 |
| 2021-07-07 | CVE-2021-22224 | Cross-Site Request Forgery (CSRF) vulnerability in Gitlab A cross-site request forgery vulnerability in the GraphQL API in GitLab since version 13.12 and before versions 13.12.6 and 14.0.2 allowed an attacker to call mutations as the victim | 4.3 |
| 2021-07-07 | CVE-2021-22225 | Cross-Site Scripting vulnerability in Gitlab Insufficient input sanitization in markdown in GitLab version 13.11 and up allows an attacker to exploit a stored cross-site scripting vulnerability via a specially-crafted markdown | 3.5 |
| 2021-07-07 | CVE-2021-22227 | Cross-Site Scripting vulnerability in Gitlab A reflected cross-site script vulnerability in GitLab before versions 13.11.6, 13.12.6 and 14.0.2 allowed an attacker to send a malicious link to a victim and trigger actions on their behalf if they clicked it | 4.3 |
| 2021-07-07 | CVE-2021-22230 | Unspecified vulnerability in Gitlab Improper code rendering while rendering merge requests could be exploited to submit malicious code. | 6.5 |
| 2021-07-07 | CVE-2021-22231 | Unspecified vulnerability in Gitlab A denial of service in user's profile page is found starting with GitLab CE/EE 8.0 that allows attacker to reject access to their profile page via using a specially crafted username. | 4.0 |
| 2021-07-06 | CVE-2021-22223 | Cross-Site Scripting vulnerability in Gitlab Client-Side code injection through Feature Flag name in GitLab CE/EE starting with 11.9 allows a specially crafted feature flag name to PUT requests on behalf of other users via clicking on a link | 4.3 |
| 2021-07-06 | CVE-2021-22228 | Improper Authentication vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions. | 4.0 |
| 2021-07-06 | CVE-2021-22226 | Unspecified vulnerability in Gitlab Under certain conditions, some users were able to push to protected branches that were restricted to deploy keys in GitLab CE/EE since version 13.9 network gitlab | 4.9 |
| 2021-07-06 | CVE-2021-22229 | Unspecified vulnerability in Gitlab An issue has been discovered in GitLab CE/EE affecting all versions starting with 12.8. network gitlab | 4.3 |