Vulnerabilities > Gitlab > Gitlab > 13.2.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-10-07 | CVE-2020-13335 | Improper Authentication vulnerability in Gitlab Improper group membership validation when deleting a user account in GitLab >=7.12 allows a user to delete own account without deleting/transferring their group. | 4.0 |
2020-10-07 | CVE-2020-13334 | Incorrect Authorization vulnerability in Gitlab In GitLab versions prior to 13.2.10, 13.3.7 and 13.4.2, improper authorization checks allow a non-member of a project/group to change the confidentiality attribute of issue via mutation GraphQL query | 5.0 |
2020-10-06 | CVE-2020-13343 | Exposure of Resource to Wrong Sphere vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions starting from 11.2. | 4.0 |
2020-10-06 | CVE-2020-13345 | Cross-site Scripting vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions starting from 10.8. | 3.5 |
2020-09-30 | CVE-2020-13296 | Missing Authorization vulnerability in Gitlab An issue has been discovered in GitLab affecting versions >=10.7 <13.0.14, >=13.1.0 <13.1.8, >=13.2.0 <13.2.6. | 7.5 |
2020-09-15 | CVE-2020-13308 | Improper Preservation of Permissions vulnerability in Gitlab A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. | 4.0 |
2020-09-15 | CVE-2020-13307 | Insufficient Session Expiration vulnerability in Gitlab A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. | 6.0 |
2020-09-15 | CVE-2020-13303 | Incorrect Authorization vulnerability in Gitlab A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. | 4.0 |
2020-09-14 | CVE-2020-13315 | Unspecified vulnerability in Gitlab A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. | 5.0 |
2020-09-14 | CVE-2020-13310 | Unspecified vulnerability in Gitlab A vulnerability was discovered in GitLab runner versions before 13.1.3, 13.2.3 and 13.3.1. | 4.0 |