Vulnerabilities > Gitlab
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-02 | CVE-2021-22200 | Unspecified vulnerability in Gitlab An issue has been discovered in GitLab CE/EE affecting all versions starting with 12.6. | 7.5 |
| 2021-04-02 | CVE-2021-22198 | Unspecified vulnerability in Gitlab An issue has been discovered in GitLab CE/EE affecting all versions from 13.8 and above allowing an authenticated user to delete incident metric images of public projects. | 4.3 |
| 2021-04-02 | CVE-2021-22197 | Infinite Loop vulnerability in Gitlab An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.6 where an infinite loop exist when an authenticated user with specific rights access a MR having source and target branch pointing to each other | 4.3 |
| 2021-04-02 | CVE-2021-22196 | Cross-site Scripting vulnerability in Gitlab An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.4. | 5.4 |
| 2021-04-01 | CVE-2021-22195 | Uncontrolled Search Path Element vulnerability in Gitlab Gitlab-Vscode-Extension Client side code execution in gitlab-vscode-extension v3.15.0 and earlier allows attacker to execute code on user system | 7.8 |
| 2021-04-01 | CVE-2021-22177 | Resource Exhaustion vulnerability in Gitlab Potential DoS was identified in gitlab-shell in GitLab CE/EE version 12.6.0 or above, which allows an attacker to spike the server resource utilization via gitlab-shell command. | 4.3 |
| 2021-03-26 | CVE-2021-22194 | Cleartext Storage of Sensitive Information vulnerability in Gitlab In all versions of GitLab, marshalled session keys were being stored in Redis. | 4.4 |
| 2021-03-26 | CVE-2021-22184 | Information Exposure Through Log Files vulnerability in Gitlab An information disclosure issue in GitLab starting from version 12.8 allowed a user with access to the server logs to see sensitive information that wasn't properly redacted. | 5.5 |
| 2021-03-26 | CVE-2021-22180 | Forced Browsing vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions starting from 13.4. | 4.3 |
| 2021-03-26 | CVE-2021-22172 | Information Exposure vulnerability in Gitlab Improper authorization in GitLab 12.8+ allows a guest user in a private project to view tag data that should be inaccessible on the releases page | 4.3 |