Vulnerabilities > Gitlab > Gitlab > 12.1.17

DATE CVE VULNERABILITY TITLE RISK
2020-03-27 CVE-2020-10952 Incorrect Authorization vulnerability in Gitlab
GitLab EE/CE 8.11 through 12.9.1 allows blocked users to pull/push docker images.
network
gitlab CWE-863
5.8
5.8
2020-03-13 CVE-2020-10076 Cross-site Scripting vulnerability in Gitlab
GitLab 12.1 through 12.8.1 allows XSS.
network
gitlab CWE-79
4.3
4.3
2020-03-13 CVE-2020-10074 Unspecified vulnerability in Gitlab
GitLab 10.1 through 12.8.1 has Incorrect Access Control.
network
low complexity
gitlab
7.5
7.5
2020-03-13 CVE-2020-10092 Cross-site Scripting vulnerability in Gitlab
GitLab 12.1 through 12.8.1 allows XSS.
network
gitlab CWE-79
4.3
4.3
2020-03-13 CVE-2020-10091 Cross-site Scripting vulnerability in Gitlab
GitLab 9.3 through 12.8.1 allows XSS.
network
gitlab CWE-79
4.3
4.3
2020-03-13 CVE-2020-10090 Information Exposure vulnerability in Gitlab
GitLab 11.7 through 12.8.1 allows Information Disclosure.
network
low complexity
gitlab CWE-200
5.0
5.0
2020-03-13 CVE-2020-10089 Uncontrolled Recursion vulnerability in Gitlab
GitLab 8.11 through 12.8.1 allows a Denial of Service when using several features to recursively request eachother,
network
low complexity
gitlab CWE-674
5.0
5.0
2020-03-13 CVE-2020-10087 Unspecified vulnerability in Gitlab
GitLab before 12.8.2 allows Information Disclosure.
network
low complexity
gitlab
5.0
5.0
2020-03-13 CVE-2020-10086 Path Traversal vulnerability in Gitlab
GitLab 10.4 through 12.8.1 allows Directory Traversal.
network
low complexity
gitlab CWE-22
5.0
5.0
2020-03-13 CVE-2020-10081 Incorrect Authorization vulnerability in Gitlab
GitLab before 12.8.2 has Incorrect Access Control.
network
low complexity
gitlab CWE-863
4.0
4.0