Vulnerabilities > Gitlab > Gitlab > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-06 | CVE-2021-22232 | Injection vulnerability in Gitlab HTML injection was possible via the full name field before versions 13.11.6, 13.12.6, and 14.0.2 in GitLab CE | 3.5 |
| 2021-06-24 | CVE-2021-32823 | In the bindata RubyGem before version 2.4.10 there is a potential denial-of-service vulnerability. | 3.7 |
| 2021-06-08 | CVE-2021-22220 | Cross-site Scripting vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions starting with 13.10. | 3.5 |
| 2021-05-06 | CVE-2021-22211 | Incorrect Authorization vulnerability in Gitlab An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.7. | 3.5 |
| 2021-04-22 | CVE-2021-22199 | Cross-site Scripting vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions starting with 12.9. | 3.5 |
| 2021-04-02 | CVE-2021-22196 | Cross-site Scripting vulnerability in Gitlab An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.4. | 3.5 |
| 2021-03-26 | CVE-2021-22184 | Information Exposure Through Log Files vulnerability in Gitlab An information disclosure issue in GitLab starting from version 12.8 allowed a user with access to the server logs to see sensitive information that wasn't properly redacted. | 2.1 |
| 2021-03-26 | CVE-2021-22194 | Cleartext Storage of Sensitive Information vulnerability in Gitlab In all versions of GitLab, marshalled session keys were being stored in Redis. | 2.1 |
| 2021-03-24 | CVE-2021-22185 | Cross-site Scripting vulnerability in Gitlab Insufficient input sanitization in wikis in GitLab version 13.8 and up allows an attacker to exploit a stored cross-site scripting vulnerability via a specially-crafted commit to a wiki | 3.5 |
| 2021-03-24 | CVE-2021-22193 | Information Exposure Through an Error Message vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions starting with 7.1. | 3.5 |