CVE-2020-26413

An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.4 before 13.6.2. Information disclosure via GraphQL results in user email being unexpectedly visible...

GitLab 12.4 < 13.4.7 / 13.5 < 13.5.5 / 13.6 < 13.6.2 (CVE-2020-26407)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - A XSS vulnerability exists in Gitlab CE/EE from 12.4 before 13.4.7, 13.5 before 13.5.5, and 13.6 before 13.6.2 that allows an attacker to perform cross-site scripting to other users via importing a...

CVE-2020-26411

Removed by vendor...

CVE-2020-26413

An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.4 before 13.6.2. Information disclosure via GraphQL results in user email being unexpectedly visible...

PT-2020-16418 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab EE versions 13.2 through 13.6.1 Description: The issue allows removed group members to access updated information on confidential epics using the To-Do functionality. Recommendations: For GitLab EE versions 13.2 through 13.6.1, update ...