Vulnerabilities > Gitlab > Gitlab > 8.13.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-08 | CVE-2021-22213 | Unspecified vulnerability in Gitlab A cross-site leak vulnerability in the OAuth flow of all versions of GitLab CE/EE since 7.10 allowed an attacker to leak an OAuth access token by getting the victim to visit a malicious page with Safari network gitlab | 4.3 |
| 2021-06-08 | CVE-2021-22217 | Unspecified vulnerability in Gitlab A denial of service vulnerability in all versions of GitLab CE/EE before 13.12.2, 13.11.5 or 13.10.5 allows an attacker to cause uncontrolled resource consumption with a specially crafted issue or merge request | 4.0 |
| 2021-04-02 | CVE-2021-22202 | Cross-Site Request Forgery (CSRF) vulnerability in Gitlab An issue has been discovered in GitLab CE/EE affecting all previous versions. | 4.3 |
| 2021-03-26 | CVE-2021-22194 | Cleartext Storage of Sensitive Information vulnerability in Gitlab In all versions of GitLab, marshalled session keys were being stored in Redis. | 2.1 |
| 2021-03-24 | CVE-2021-22193 | Information Exposure Through an Error Message vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions starting with 7.1. | 3.5 |
| 2021-03-24 | CVE-2021-22176 | Incorrect Authorization vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions starting with 3.0.1. | 4.0 |
| 2021-03-04 | CVE-2021-22189 | Improper Certificate Validation vulnerability in Gitlab Starting with version 13.7 the Gitlab CE/EE editions were affected by a security issue related to the validation of the certificates for the Fortinet OTP that could result in authentication issues. | 6.5 |
| 2021-03-02 | CVE-2021-22187 | Resource Exhaustion vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions of Gitlab EE/CE before 13.6.7. | 4.0 |
| 2020-12-11 | CVE-2020-26416 | Information Exposure vulnerability in Gitlab Information disclosure in Advanced Search component of GitLab EE starting from 8.4 results in exposure of search terms via Rails logs. | 2.1 |
| 2020-11-19 | CVE-2020-13356 | Unspecified vulnerability in Gitlab An issue has been discovered in GitLab CE/EE affecting all versions starting from 8.8.9. | 6.4 |