Vulnerabilities > Gitlab > Gitlab > 2.6.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-10 | CVE-2020-13271 | Cross-site Scripting vulnerability in Gitlab A Stored Cross-Site Scripting vulnerability allowed the execution of arbitrary Javascript code in the blobs API in all previous GitLab CE/EE versions through 13.0.1 | 4.3 |
| 2020-04-22 | CVE-2020-11505 | Information Exposure vulnerability in Gitlab An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) before 12.7.9, 12.8.x before 12.8.9, and 12.9.x before 12.9.3. | 5.0 |
| 2020-03-27 | CVE-2020-10954 | Resource Exhaustion vulnerability in Gitlab GitLab through 12.9 is affected by a potential DoS in repository archive download. | 5.0 |
| 2020-03-13 | CVE-2020-10087 | Unspecified vulnerability in Gitlab GitLab before 12.8.2 allows Information Disclosure. | 5.0 |
| 2020-03-13 | CVE-2020-10081 | Incorrect Authorization vulnerability in Gitlab GitLab before 12.8.2 has Incorrect Access Control. | 4.0 |
| 2020-03-10 | CVE-2019-13003 | Resource Exhaustion vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition before 12.0.3. | 5.0 |
| 2020-02-05 | CVE-2020-7973 | Cross-site Scripting vulnerability in Gitlab GitLab through 12.7.2 allows XSS. | 4.3 |
| 2020-02-05 | CVE-2020-7968 | Improper Authentication vulnerability in Gitlab GitLab EE 8.0 through 12.7.2 has Incorrect Access Control. | 5.0 |
| 2020-01-03 | CVE-2019-19260 | Unspecified vulnerability in Gitlab GitLab Community Edition (CE) and Enterprise Edition (EE) through 12.5 has Incorrect Access Control (issue 2 of 2). | 5.5 |
| 2020-01-03 | CVE-2019-19257 | Information Exposure vulnerability in Gitlab GitLab Community Edition (CE) and Enterprise Edition (EE) through 12.5 has Incorrect Access Control (issue 1 of 2). | 5.0 |