Vulnerabilities > Gitlab > Gitlab > 13.0.9
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-01-15 | CVE-2021-22168 | Resource Exhaustion vulnerability in Gitlab A regular expression denial of service issue has been discovered in NuGet API affecting all versions of GitLab starting from version 12.8. | 4.0 |
2021-01-15 | CVE-2021-22167 | Unspecified vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions starting from 12.1. | 5.0 |
2021-01-15 | CVE-2020-26414 | Unspecified vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions starting from 12.4. | 4.0 |
2020-12-11 | CVE-2020-26416 | Information Exposure vulnerability in Gitlab Information disclosure in Advanced Search component of GitLab EE starting from 8.4 results in exposure of search terms via Rails logs. | 2.1 |
2020-12-11 | CVE-2020-26415 | Information Exposure vulnerability in Gitlab Information about the starred projects for private user profiles was exposed via the GraphQL API starting from 12.2 via the REST API. | 4.0 |
2020-12-11 | CVE-2020-26408 | Information Exposure vulnerability in Gitlab A limited information disclosure vulnerability exists in Gitlab CE/EE from >= 12.2 to <13.4.7, >=13.5 to <13.5.5, and >=13.6 to <13.6.2 that allows an attacker to view limited information in user's private profile | 5.0 |
2020-12-11 | CVE-2020-26409 | Improper Input Validation vulnerability in Gitlab A DOS vulnerability exists in Gitlab CE/EE >=10.3, <13.4.7,>=13.5, <13.5.5,>=13.6, <13.6.2 that allows an attacker to trigger uncontrolled resource by bypassing input validation in markdown fields. | 4.0 |
2020-11-19 | CVE-2020-13359 | Information Exposure vulnerability in Gitlab The Terraform API in GitLab CE/EE 12.10+ exposed the object storage signed URL on the delete operation allowing a malicious project maintainer to overwrite the Terraform state, bypassing audit and other business controls. | 5.5 |
2020-11-17 | CVE-2020-13349 | Unspecified vulnerability in Gitlab An issue has been discovered in GitLab EE affecting all versions starting from 8.12. | 4.0 |
2020-10-08 | CVE-2020-13344 | Information Exposure vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions prior to 13.2.10, 13.3.7 and 13.4.2. | 2.1 |