Vulnerabilities > Gitlab > Gitlab > 12.7.8

DATE CVE VULNERABILITY TITLE RISK
2020-03-13 CVE-2020-10076 Cross-site Scripting vulnerability in Gitlab
GitLab 12.1 through 12.8.1 allows XSS.
network
gitlab CWE-79
4.3
4.3
2020-03-13 CVE-2020-10075 Injection vulnerability in Gitlab
GitLab 12.5 through 12.8.1 allows HTML Injection.
network
gitlab CWE-74
5.8
5.8
2020-03-13 CVE-2020-10074 Unspecified vulnerability in Gitlab
GitLab 10.1 through 12.8.1 has Incorrect Access Control.
network
low complexity
gitlab
7.5
7.5
2020-03-13 CVE-2020-10073 Missing Authorization vulnerability in Gitlab
GitLab EE 12.4.2 through 12.8.1 allows Denial of Service.
network
low complexity
gitlab CWE-862
5.0
5.0
2020-03-13 CVE-2020-10092 Cross-site Scripting vulnerability in Gitlab
GitLab 12.1 through 12.8.1 allows XSS.
network
gitlab CWE-79
4.3
4.3
2020-03-13 CVE-2020-10091 Cross-site Scripting vulnerability in Gitlab
GitLab 9.3 through 12.8.1 allows XSS.
network
gitlab CWE-79
4.3
4.3
2020-03-13 CVE-2020-10090 Information Exposure vulnerability in Gitlab
GitLab 11.7 through 12.8.1 allows Information Disclosure.
network
low complexity
gitlab CWE-200
5.0
5.0
2020-03-13 CVE-2020-10089 Uncontrolled Recursion vulnerability in Gitlab
GitLab 8.11 through 12.8.1 allows a Denial of Service when using several features to recursively request eachother,
network
low complexity
gitlab CWE-674
5.0
5.0
2020-03-13 CVE-2020-10088 Incorrect Permission Assignment for Critical Resource vulnerability in Gitlab
GitLab 12.5 through 12.8.1 has Insecure Permissions.
network
low complexity
gitlab CWE-732
5.5
5.5
2020-03-13 CVE-2020-10087 Unspecified vulnerability in Gitlab
GitLab before 12.8.2 allows Information Disclosure.
network
low complexity
gitlab
5.0
5.0