Vulnerabilities > Gitlab > Gitlab > 12.7.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-19 | CVE-2020-13277 | Incorrect Authorization vulnerability in Gitlab An authorization issue in the mirroring logic allowed read access to private repositories in GitLab CE/EE 10.6 and later through 13.0.5 | 4.0 |
| 2020-06-15 | CVE-2020-14155 | Integer Overflow or Wraparound vulnerability in multiple products libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring. | 5.3 |
| 2020-06-10 | CVE-2020-13271 | Cross-site Scripting vulnerability in Gitlab A Stored Cross-Site Scripting vulnerability allowed the execution of arbitrary Javascript code in the blobs API in all previous GitLab CE/EE versions through 13.0.1 | 4.3 |
| 2020-06-10 | CVE-2020-13270 | Missing Authorization vulnerability in Gitlab Missing permission check on fork relation creation in GitLab CE/EE 11.3 and later through 13.0.1 allows guest users to create a fork relation on restricted public projects via API | 6.5 |
| 2020-04-29 | CVE-2020-12277 | Incorrect Default Permissions vulnerability in Gitlab GitLab 10.8 through 12.9 has a vulnerability that allows someone to mirror a repository even if the feature is not activated. | 5.0 |
| 2020-04-29 | CVE-2020-12276 | Cross-site Scripting vulnerability in Gitlab GitLab 9.5.9 through 12.9 is vulnerable to stored XSS in an admin notification feature. | 3.5 |
| 2020-04-29 | CVE-2020-12275 | Improper Privilege Management vulnerability in Gitlab GitLab 12.6 through 12.9 is vulnerable to a privilege escalation that allows an external user to create a personal snippet through the API. | 5.0 |
| 2020-04-22 | CVE-2020-11649 | Missing Authentication for Critical Function vulnerability in Gitlab An issue was discovered in GitLab CE and EE 8.15 through 12.9.2. | 4.0 |
| 2020-04-22 | CVE-2020-11506 | Information Exposure vulnerability in Gitlab An issue was discovered in GitLab 10.7.0 and later through 12.9.2. | 5.0 |
| 2020-04-22 | CVE-2020-11505 | Information Exposure vulnerability in Gitlab An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) before 12.7.9, 12.8.x before 12.8.9, and 12.9.x before 12.9.3. | 5.0 |