Vulnerabilities > Gitlab > Gitlab > 13.4.7
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-20 | CVE-2021-22246 | Allocation of Resources Without Limits or Throttling vulnerability in Gitlab A vulnerability was discovered in GitLab versions before 14.0.2, 13.12.6, 13.11.6. | 4.0 |
| 2021-08-20 | CVE-2021-22254 | Improper Encoding or Escaping of Output vulnerability in Gitlab Under very specific conditions a user could be impersonated using Gitlab shell. | 3.5 |
| 2021-07-07 | CVE-2021-22230 | Unspecified vulnerability in Gitlab Improper code rendering while rendering merge requests could be exploited to submit malicious code. | 6.5 |
| 2021-07-07 | CVE-2021-22231 | Unspecified vulnerability in Gitlab A denial of service in user's profile page is found starting with GitLab CE/EE 8.0 that allows attacker to reject access to their profile page via using a specially crafted username. | 4.0 |
| 2021-07-06 | CVE-2021-22228 | Unspecified vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions before 13.11.6, all versions starting from 13.12 before 13.12.6, and all versions starting from 14.0 before 14.0.2. | 4.0 |
| 2021-07-06 | CVE-2021-22229 | Unspecified vulnerability in Gitlab An issue has been discovered in GitLab CE/EE affecting all versions starting with 12.8. network gitlab | 4.3 |
| 2021-07-06 | CVE-2021-22232 | Injection vulnerability in Gitlab HTML injection was possible via the full name field before versions 13.11.6, 13.12.6, and 14.0.2 in GitLab CE | 3.5 |
| 2021-06-24 | CVE-2021-32823 | In the bindata RubyGem before version 2.4.10 there is a potential denial-of-service vulnerability. | 3.7 |
| 2021-06-11 | CVE-2021-22175 | Server-Side Request Forgery (SSRF) vulnerability in Gitlab When requests to the internal network for webhooks are enabled, a server-side request forgery vulnerability in GitLab affecting all versions starting from 10.5 was possible to exploit for an unauthenticated attacker even on a GitLab instance where registration is disabled | 6.8 |
| 2021-06-11 | CVE-2021-22181 | Resource Exhaustion vulnerability in Gitlab A denial of service vulnerability in GitLab CE/EE affecting all versions since 11.8 allows an attacker to create a recursive pipeline relationship and exhaust resources. | 4.0 |