Vulnerabilities > Gitlab > Gitlab > 8.8.7
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-24 | CVE-2021-22193 | Information Exposure Through an Error Message vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions starting with 7.1. | 3.5 |
| 2021-03-24 | CVE-2021-22176 | Incorrect Authorization vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions starting with 3.0.1. | 4.0 |
| 2021-03-04 | CVE-2021-22189 | Improper Certificate Validation vulnerability in Gitlab Starting with version 13.7 the Gitlab CE/EE editions were affected by a security issue related to the validation of the certificates for the Fortinet OTP that could result in authentication issues. | 6.5 |
| 2021-03-02 | CVE-2021-22187 | Resource Exhaustion vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions of Gitlab EE/CE before 13.6.7. | 4.0 |
| 2020-12-11 | CVE-2020-26416 | Information Exposure vulnerability in Gitlab Information disclosure in Advanced Search component of GitLab EE starting from 8.4 results in exposure of search terms via Rails logs. | 2.1 |
| 2020-11-17 | CVE-2020-13350 | Cross-Site Request Forgery (CSRF) vulnerability in Gitlab CSRF in runner administration page in all versions of GitLab CE/EE allows an attacker who's able to target GitLab instance administrators to pause/resume runners. | 4.3 |
| 2020-10-08 | CVE-2020-13340 | Cross-site Scripting vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions prior to 13.2.10, 13.3.7 and 13.4.2: Stored XSS in CI Job Log | 3.5 |
| 2020-10-08 | CVE-2020-13339 | Cross-site Scripting vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions before 13.2.10, 13.3.7 and 13.4.2: XSS in SVG File Preview. | 6.0 |
| 2020-10-07 | CVE-2020-13335 | Improper Authentication vulnerability in Gitlab Improper group membership validation when deleting a user account in GitLab >=7.12 allows a user to delete own account without deleting/transferring their group. | 4.0 |
| 2020-10-07 | CVE-2020-13334 | Incorrect Authorization vulnerability in Gitlab In GitLab versions prior to 13.2.10, 13.3.7 and 13.4.2, improper authorization checks allow a non-member of a project/group to change the confidentiality attribute of issue via mutation GraphQL query | 5.0 |