Vulnerabilities > Gitlab > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-19 | CVE-2020-13355 | Path Traversal vulnerability in Gitlab An issue has been discovered in GitLab CE/EE affecting all versions starting from 8.14. | 8.1 |
| 2020-11-17 | CVE-2020-26405 | Path Traversal vulnerability in Gitlab Path traversal vulnerability in package upload functionality in GitLab CE/EE starting from 12.8 allows an attacker to save packages in arbitrary locations. | 7.1 |
| 2020-10-22 | CVE-2020-13327 | Unspecified vulnerability in Gitlab Runner An issue has been discovered in GitLab Runner affecting all versions starting from 13.4.0 before 13.4.2, all versions starting from 13.3.0 before 13.3.7, all versions starting from 13.2.0 before 13.2.10. | 7.5 |
| 2020-10-08 | CVE-2020-13340 | Cross-site Scripting vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions prior to 13.2.10, 13.3.7 and 13.4.2: Stored XSS in CI Job Log | 8.7 |
| 2020-10-07 | CVE-2020-13334 | Incorrect Authorization vulnerability in Gitlab In GitLab versions prior to 13.2.10, 13.3.7 and 13.4.2, improper authorization checks allow a non-member of a project/group to change the confidentiality attribute of issue via mutation GraphQL query | 7.5 |
| 2020-10-06 | CVE-2020-13343 | Exposure of Resource to Wrong Sphere vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions starting from 11.2. | 8.8 |
| 2020-09-30 | CVE-2020-13325 | Unspecified vulnerability in Gitlab A vulnerability was discovered in GitLab versions prior 13.1. | 7.1 |
| 2020-09-30 | CVE-2020-13323 | Unspecified vulnerability in Gitlab A vulnerability was discovered in GitLab versions prior 13.1. | 7.7 |
| 2020-09-30 | CVE-2020-13322 | Incorrect Authorization vulnerability in Gitlab A vulnerability was discovered in GitLab versions after 12.9. | 7.2 |
| 2020-09-30 | CVE-2020-13321 | Unspecified vulnerability in Gitlab A vulnerability was discovered in GitLab versions prior to 13.1. | 8.3 |