Vulnerabilities > Gitlab > Gitlab > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-19 | CVE-2020-13273 | Resource Exhaustion vulnerability in Gitlab A Denial of Service vulnerability allowed exhausting the system resources in GitLab CE/EE 12.0 and later through 13.0.1 | 7.8 |
| 2020-04-08 | CVE-2020-10980 | Server-Side Request Forgery (SSRF) vulnerability in Gitlab GitLab EE/CE 8.0.rc1 to 12.9 is vulnerable to a blind SSRF in the FogBugz integration. | 7.5 |
| 2020-03-27 | CVE-2020-10956 | Server-Side Request Forgery (SSRF) vulnerability in Gitlab GitLab 8.10 and later through 12.9 is vulnerable to an SSRF in a project import note feature. | 7.5 |
| 2020-03-13 | CVE-2020-10077 | Server-Side Request Forgery (SSRF) vulnerability in Gitlab GitLab EE 3.0 through 12.8.1 allows SSRF. | 7.5 |
| 2020-03-13 | CVE-2020-10074 | Unspecified vulnerability in Gitlab GitLab 10.1 through 12.8.1 has Incorrect Access Control. | 7.5 |
| 2020-03-10 | CVE-2019-12443 | Server-Side Request Forgery (SSRF) vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition 10.2 through 11.11. | 7.5 |
| 2020-03-10 | CVE-2019-12428 | Unspecified vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition 6.8 through 11.11. | 7.5 |
| 2020-03-06 | CVE-2020-8113 | Improper Privilege Management vulnerability in Gitlab GitLab 10.7 and later through 12.7.2 has Incorrect Access Control. | 7.5 |
| 2020-02-05 | CVE-2020-8114 | Incorrect Default Permissions vulnerability in Gitlab GitLab EE 8.9 and later through 12.7.2 has Insecure Permission | 7.5 |
| 2020-01-28 | CVE-2019-5464 | Server-Side Request Forgery (SSRF) vulnerability in Gitlab A flawed DNS rebinding protection issue was discovered in GitLab CE/EE 10.2 and later in the `url_blocker.rb` which could result in SSRF where the library is utilized. | 7.5 |