Vulnerabilities > Gitlab > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-22 | CVE-2020-11505 | HTTP Request Smuggling vulnerability in Gitlab An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) before 12.7.9, 12.8.x before 12.8.9, and 12.9.x before 12.9.3. | 7.5 |
| 2020-04-08 | CVE-2020-10976 | Information Exposure vulnerability in Gitlab GitLab EE/CE 8.17 to 12.9 is vulnerable to information leakage when querying a merge request widget. | 7.5 |
| 2020-03-27 | CVE-2020-10954 | Resource Exhaustion vulnerability in Gitlab GitLab through 12.9 is affected by a potential DoS in repository archive download. | 7.5 |
| 2020-03-27 | CVE-2020-10953 | Path Traversal vulnerability in Gitlab In GitLab EE 11.7 through 12.9, the NPM feature is vulnerable to a path traversal issue. | 7.5 |
| 2020-03-13 | CVE-2020-10073 | Unspecified vulnerability in Gitlab GitLab EE 12.4.2 through 12.8.1 allows Denial of Service. | 7.5 |
| 2020-03-13 | CVE-2020-10089 | Uncontrolled Recursion vulnerability in Gitlab GitLab 8.11 through 12.8.1 allows a Denial of Service when using several features to recursively request eachother, | 7.5 |
| 2020-03-13 | CVE-2020-10088 | Improper Privilege Management vulnerability in Gitlab GitLab 12.5 through 12.8.1 has Insecure Permissions. | 8.1 |
| 2020-03-13 | CVE-2020-10087 | Unspecified vulnerability in Gitlab GitLab before 12.8.2 allows Information Disclosure. | 7.5 |
| 2020-03-10 | CVE-2019-13121 | Server-Side Request Forgery (SSRF) vulnerability in Gitlab An issue was discovered in GitLab Enterprise Edition 10.6 through 12.0.2. | 7.5 |
| 2020-03-10 | CVE-2019-13003 | Resource Exhaustion vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition before 12.0.3. | 7.5 |