Vulnerabilities > Gitlab > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-17 | CVE-2020-13354 | Resource Exhaustion vulnerability in Gitlab A potential DOS vulnerability was discovered in GitLab CE/EE starting with version 12.6. | 4.3 |
| 2020-11-17 | CVE-2020-13352 | Unspecified vulnerability in Gitlab Private group info is leaked leaked in GitLab CE/EE version 10.2 and above, when the project is moved from private to public group. | 5.3 |
| 2020-10-12 | CVE-2020-13341 | Type Confusion vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions prior to 13.2.10, 13.3.7 and 13.4.2. | 4.9 |
| 2020-10-08 | CVE-2020-13339 | Cross-site Scripting vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions before 13.2.10, 13.3.7 and 13.4.2: XSS in SVG File Preview. | 6.5 |
| 2020-10-08 | CVE-2020-13344 | Insufficiently Protected Credentials vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions prior to 13.2.10, 13.3.7 and 13.4.2. | 4.4 |
| 2020-10-07 | CVE-2020-13346 | Incomplete Cleanup vulnerability in Gitlab Membership changes are not reflected in ToDo subscriptions in GitLab versions prior to 13.2.10, 13.3.7 and 13.4.2, allowing guest users to access confidential issues through API. | 6.5 |
| 2020-10-07 | CVE-2020-13335 | Incorrect Authorization vulnerability in Gitlab Improper group membership validation when deleting a user account in GitLab >=7.12 allows a user to delete own account without deleting/transferring their group. | 4.3 |
| 2020-10-06 | CVE-2020-13333 | Resource Exhaustion vulnerability in Gitlab 13.1.0/13.2.0/13.3.0 A potential DOS vulnerability was discovered in GitLab versions 13.1, 13.2 and 13.3. | 4.3 |
| 2020-10-06 | CVE-2020-13345 | Cross-site Scripting vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions starting from 10.8. | 5.4 |
| 2020-10-02 | CVE-2020-13338 | Cross-site Scripting vulnerability in Gitlab An issue has been discovered in GitLab affecting versions prior to 12.10.13, 13.0.8, 13.1.2. | 5.4 |