Vulnerabilities > Gitlab > Gitlab > 7.2.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-09-14 | CVE-2020-13301 | Cross-site Scripting vulnerability in Gitlab A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. | 3.5 |
2020-09-14 | CVE-2020-13298 | Improper Input Validation vulnerability in Gitlab A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. | 5.0 |
2020-09-14 | CVE-2020-13297 | Improper Authentication vulnerability in Gitlab A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. | 4.9 |
2020-08-13 | CVE-2020-13280 | Resource Exhaustion vulnerability in Gitlab For GitLab before 13.0.12, 13.1.6, 13.2.3 a memory exhaustion flaw exists due to excessive logging of an invite email error message. | 4.0 |
2020-08-10 | CVE-2020-13293 | Incorrect Type Conversion or Cast vulnerability in Gitlab In GitLab before 13.0.12, 13.1.6 and 13.2.3 using a branch with a hexadecimal name could override an existing hash. | 5.5 |
2020-06-19 | CVE-2020-13276 | Incorrect Authorization vulnerability in Gitlab User is allowed to set an email as a notification email even without verifying the new email in all previous GitLab CE/EE versions through 13.0.1 | 4.0 |
2020-06-19 | CVE-2020-13274 | Resource Exhaustion vulnerability in Gitlab A security issue allowed achieving Denial of Service attacks through memory exhaustion by uploading malicious artifacts in all previous GitLab versions through 13.0.1 | 5.0 |
2020-06-15 | CVE-2020-14155 | Integer Overflow or Wraparound vulnerability in multiple products libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring. | 5.3 |
2020-06-10 | CVE-2020-13271 | Cross-site Scripting vulnerability in Gitlab A Stored Cross-Site Scripting vulnerability allowed the execution of arbitrary Javascript code in the blobs API in all previous GitLab CE/EE versions through 13.0.1 | 4.3 |
2020-04-22 | CVE-2020-11505 | Information Exposure vulnerability in Gitlab An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) before 12.7.9, 12.8.x before 12.8.9, and 12.9.x before 12.9.3. | 5.0 |