Vulnerabilities > Gitlab > Low

DATE CVE VULNERABILITY TITLE RISK
2021-08-25 CVE-2021-22242 Cross-site Scripting vulnerability in Gitlab
Insufficient input sanitization in Mermaid markdown in GitLab CE/EE version 11.4 and up allows an attacker to exploit a stored cross-site scripting vulnerability via a specially-crafted markdown
network
gitlab CWE-79
3.5
3.5
2021-08-20 CVE-2021-22254 Improper Encoding or Escaping of Output vulnerability in Gitlab
Under very specific conditions a user could be impersonated using Gitlab shell.
network
gitlab CWE-116
3.5
3.5
2021-08-20 CVE-2021-22238 Cross-site Scripting vulnerability in Gitlab
An issue has been discovered in GitLab affecting all versions starting with 13.3.
network
gitlab CWE-79
3.5
3.5
2021-08-05 CVE-2021-22234 Cross-site Scripting vulnerability in Gitlab
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.11 before 13.11.7, all versions starting from 13.12 before 13.12.8, and all versions starting from 14.0 before 14.0.4.
network
gitlab CWE-79
3.5
3.5
2021-08-05 CVE-2021-22241 Cross-site Scripting vulnerability in Gitlab
An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.0.
network
gitlab CWE-79
3.5
3.5
2021-07-07 CVE-2021-22225 Cross-site Scripting vulnerability in Gitlab
Insufficient input sanitization in markdown in GitLab version 13.11 and up allows an attacker to exploit a stored cross-site scripting vulnerability via a specially-crafted markdown
network
gitlab CWE-79
3.5
3.5
2021-07-06 CVE-2021-22232 Injection vulnerability in Gitlab
HTML injection was possible via the full name field before versions 13.11.6, 13.12.6, and 14.0.2 in GitLab CE
network
gitlab CWE-74
3.5
3.5
2021-06-24 CVE-2021-32823 In the bindata RubyGem before version 2.4.10 there is a potential denial-of-service vulnerability.
network
high complexity
bindata-project gitlab
3.7
3.7
2021-06-08 CVE-2021-22220 Cross-site Scripting vulnerability in Gitlab
An issue has been discovered in GitLab affecting all versions starting with 13.10.
network
gitlab CWE-79
3.5
3.5
2021-05-06 CVE-2021-22211 Incorrect Authorization vulnerability in Gitlab
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.7.
network
gitlab CWE-863
3.5
3.5