Vulnerabilities > Gitlab > Gitlab > 13.0.0

DATE CVE VULNERABILITY TITLE RISK
2020-06-10 CVE-2020-13268 Improper Input Validation vulnerability in Gitlab
A specially crafted request could be used to confirm the existence of files hosted on object storage services, without disclosing their contents.
network
low complexity
gitlab CWE-20
5.0
5.0
2020-06-10 CVE-2020-13267 Cross-site Scripting vulnerability in Gitlab
A Stored Cross-Site Scripting vulnerability allowed the execution on Javascript payloads on the Metrics Dashboard in GitLab CE/EE 12.8 and later through 13.0.1
network
gitlab CWE-79
4.3
4.3
2020-06-09 CVE-2020-13266 Missing Authorization vulnerability in Gitlab
Insecure authorization in Project Deploy Keys in GitLab CE/EE 12.8 and later through 13.0.1 allows users to update permissions of other users' deploy keys under certain conditions
network
low complexity
gitlab CWE-862
4.0
4.0