Vulnerabilities > Gitlab
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-02-05 | CVE-2020-7973 | Cross-site Scripting vulnerability in Gitlab GitLab through 12.7.2 allows XSS. | 4.3 |
2020-02-05 | CVE-2020-7972 | Incorrect Default Permissions vulnerability in Gitlab GitLab EE 12.2 has Insecure Permissions (issue 2 of 2). | 5.0 |
2020-02-05 | CVE-2020-7971 | Cross-site Scripting vulnerability in Gitlab GitLab EE 11.0 and later through 12.7.2 allows XSS. | 4.3 |
2020-02-05 | CVE-2020-7969 | Information Exposure vulnerability in Gitlab GitLab EE 8.0 and later through 12.7.2 allows Information Disclosure. | 5.0 |
2020-02-05 | CVE-2020-7968 | Improper Authentication vulnerability in Gitlab GitLab EE 8.0 through 12.7.2 has Incorrect Access Control. | 5.0 |
2020-02-05 | CVE-2020-7967 | Incorrect Default Permissions vulnerability in Gitlab GitLab EE 8.0 through 12.7.2 has Insecure Permissions (issue 1 of 2). | 4.0 |
2020-02-05 | CVE-2020-7966 | Path Traversal vulnerability in Gitlab GitLab EE 11.11 and later through 12.7.2 allows Directory Traversal. | 5.0 |
2020-02-05 | CVE-2020-8114 | Incorrect Default Permissions vulnerability in Gitlab GitLab EE 8.9 and later through 12.7.2 has Insecure Permission | 7.5 |
2020-02-05 | CVE-2020-7979 | Incorrect Default Permissions vulnerability in Gitlab GitLab EE 8.9 and later through 12.7.2 has Insecure Permission | 4.3 |
2020-01-28 | CVE-2013-4583 | Improper Privilege Management vulnerability in Gitlab and Gitlab-Shell The parse_cmd function in lib/gitlab_shell.rb in GitLab 5.0 before 5.4.2, Community Edition before 6.2.4, and Enterprise Edition before 6.2.1 and gitlab-shell before 1.7.8 allows remote authenticated users to gain privileges and clone arbitrary repositories. | 6.5 |