Vulnerabilities > Gitlab > Gitlab > 13.1.4

DATE CVE VULNERABILITY TITLE RISK
2020-09-14 CVE-2020-13313 Incorrect Authorization vulnerability in Gitlab
A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4.
network
low complexity
gitlab CWE-863
4.0
4.0
2020-09-14 CVE-2020-13312 Insufficiently Protected Credentials vulnerability in Gitlab
A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4.
network
low complexity
gitlab CWE-522
5.0
5.0
2020-09-14 CVE-2020-13311 Injection vulnerability in Gitlab
A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4.
network
low complexity
gitlab CWE-74
4.0
4.0
2020-09-14 CVE-2020-13318 Incorrect Authorization vulnerability in Gitlab
A vulnerability was discovered in GitLab versions before 13.0.12, 13.1.10, 13.2.8 and 13.3.4.
network
gitlab CWE-863
4.9
4.9
2020-09-14 CVE-2020-13316 Missing Authorization vulnerability in Gitlab
A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4.
network
low complexity
gitlab CWE-862
4.0
4.0
2020-09-14 CVE-2020-13299 Insufficient Session Expiration vulnerability in Gitlab
A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4.
network
low complexity
gitlab CWE-613
8.1
8.1
2020-09-14 CVE-2020-13289 Missing Authentication for Critical Function vulnerability in Gitlab
A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4.
network
low complexity
gitlab CWE-306
5.5
5.5
2020-09-14 CVE-2020-13287 Unspecified vulnerability in Gitlab
A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4.
network
low complexity
gitlab
4.0
4.0
2020-09-14 CVE-2020-13284 Incorrect Authorization vulnerability in Gitlab
A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4.
network
low complexity
gitlab CWE-863
5.5
5.5
2020-08-13 CVE-2020-13286 Server-Side Request Forgery (SSRF) vulnerability in Gitlab
For GitLab before 13.0.12, 13.1.6, 13.2.3 user controlled git configuration settings can be modified to result in Server Side Request Forgery.
network
low complexity
gitlab CWE-918
4.0
4.0