Vulnerabilities > Gitlab > Gitlab > 12.8.1

DATE CVE VULNERABILITY TITLE RISK
2020-03-13 CVE-2020-10092 Cross-site Scripting vulnerability in Gitlab
GitLab 12.1 through 12.8.1 allows XSS.
network
gitlab CWE-79
4.3
4.3
2020-03-13 CVE-2020-10091 Cross-site Scripting vulnerability in Gitlab
GitLab 9.3 through 12.8.1 allows XSS.
network
gitlab CWE-79
4.3
4.3
2020-03-13 CVE-2020-10090 Information Exposure vulnerability in Gitlab
GitLab 11.7 through 12.8.1 allows Information Disclosure.
network
low complexity
gitlab CWE-200
5.0
5.0
2020-03-13 CVE-2020-10089 Uncontrolled Recursion vulnerability in Gitlab
GitLab 8.11 through 12.8.1 allows a Denial of Service when using several features to recursively request eachother,
network
low complexity
gitlab CWE-674
5.0
5.0
2020-03-13 CVE-2020-10088 Incorrect Permission Assignment for Critical Resource vulnerability in Gitlab
GitLab 12.5 through 12.8.1 has Insecure Permissions.
network
low complexity
gitlab CWE-732
5.5
5.5
2020-03-13 CVE-2020-10087 Unspecified vulnerability in Gitlab
GitLab before 12.8.2 allows Information Disclosure.
network
low complexity
gitlab
5.0
5.0
2020-03-13 CVE-2020-10086 Path Traversal vulnerability in Gitlab
GitLab 10.4 through 12.8.1 allows Directory Traversal.
network
low complexity
gitlab CWE-22
5.0
5.0
2020-03-13 CVE-2020-10085 Information Exposure vulnerability in Gitlab
GitLab 12.3.5 through 12.8.1 allows Information Disclosure.
network
low complexity
gitlab CWE-200
5.0
5.0
2020-03-13 CVE-2020-10084 Information Exposure vulnerability in Gitlab
GitLab EE 11.6 through 12.8.1 allows Information Disclosure.
network
low complexity
gitlab CWE-200
5.0
5.0
2020-03-13 CVE-2020-10083 Improper Preservation of Permissions vulnerability in Gitlab
GitLab 12.7 through 12.8.1 has Insecure Permissions.
network
low complexity
gitlab CWE-281
6.4
6.4