CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Debian CVE•added 2020/06/19 9:40 p.m.•19 views

CVE-2020-13272

Removed by vendor...

8.8CVSS7.3AI score0.00579EPSS

Debian CVE•added 2020/06/19 9:37 p.m.•16 views

CVE-2020-13276

Removed by vendor...

7.4CVSS5.8AI score0.00674EPSS

UbuntuCve•added 2020/06/19 6:15 p.m.•28 views

CVE-2020-13277

An authorization issue in the mirroring logic allowed read access to private repositories in GitLab CE/EE 10.6 and later through 13.0.5...

6.5CVSS6.6AI score0.01848EPSS

Exploits0References5

Prion•added 2020/06/19 6:15 p.m.•18 views

Authorization

An authorization issue in the mirroring logic allowed read access to private repositories in GitLab CE/EE 10.6 and later through 13.0.5...

4CVSS6AI score0.01848EPSS

CVE•added 2020/06/19 5:20 p.m.•79 views

CVE-2020-13277

The CVE-2020-13277 issue is a real authorization flaw in GitLab’s repository mirroring logic that allowed read access to private repositories in CE/EE. Affected versions span GitLab CE/EE 10.6 through 13.0.5. Remediation per connected details: upgrade to GitLab fixes for the applicable lines (e.g...

6.5CVSS5.9AI score0.01848EPSS

Debian CVE•added 2020/06/19 5:20 p.m.•22 views

CVE-2020-13277

Removed by vendor...

6.5CVSS6.6AI score0.01848EPSS

NVD•added 2020/06/10 3:15 p.m.•29 views

CVE-2020-13271

A Stored Cross-Site Scripting vulnerability allowed the execution of arbitrary Javascript code in the blobs API in all previous GitLab CE/EE versions through 13.0.1...

6.1CVSS0.01531EPSS

NVD•added 2020/06/10 3:15 p.m.•15 views

CVE-2020-13268

A specially crafted request could be used to confirm the existence of files hosted on object storage services, without disclosing their contents. This vulnerability affects GitLab CE/EE 12.10 and later through 13.0.1...

5.3CVSS0.01071EPSS

OSV•added 2020/06/10 3:15 p.m.•15 views

CVE-2020-13268

5.3CVSS6.5AI score0.01071EPSS

Prion•added 2020/06/10 3:15 p.m.•14 views

Design/Logic Flaw

5CVSS5AI score0.01071EPSS

Prion•added 2020/06/10 3:15 p.m.•17 views

Cross site scripting

A Stored Cross-Site Scripting vulnerability allowed the execution of arbitrary Javascript code in the blobs API in all previous GitLab CE/EE versions through 13.0.1...

4.3CVSS5.9AI score0.01531EPSS

CVE•added 2020/06/10 2:38 p.m.•59 views

CVE-2020-13269

CVE-2020-13269 : A Reflected Cross-Site Scripting vulnerability affects GitLab CE/EE in the Static Site Editor, with exploits possible on versions 12.10 through 13.0.1. The issue is caused by a reflected XSS flaw that enables execution of arbitrary JavaScript. Public details consistently describe...

6.1CVSS6AI score0.0175EPSS

Debian CVE•added 2020/06/10 2:38 p.m.•20 views

CVE-2020-13269

Removed by vendor...

6.1CVSS6.3AI score0.0175EPSS

Cvelist•added 2020/06/10 2:32 p.m.•19 views

CVE-2020-13268

5.3CVSS5.2AI score0.01071EPSS

Debian CVE•added 2020/06/10 2:32 p.m.•24 views

CVE-2020-13268

Removed by vendor...

5.3CVSS6AI score0.01071EPSS

Cvelist•added 2020/06/10 2:29 p.m.•23 views

CVE-2020-13267

A Stored Cross-Site Scripting vulnerability allowed the execution on Javascript payloads on the Metrics Dashboard in GitLab CE/EE 12.8 and later through 13.0.1...

6.1CVSS5.8AI score0.0175EPSS

Cvelist•added 2020/06/10 2:25 p.m.•35 views

CVE-2020-13271

A Stored Cross-Site Scripting vulnerability allowed the execution of arbitrary Javascript code in the blobs API in all previous GitLab CE/EE versions through 13.0.1...

6.1CVSS6AI score0.01531EPSS

CVE•added 2020/06/10 2:25 p.m.•63 views

CVE-2020-13271

CVE-2020-13271 is a stored XSS in the GitLab blobs API affecting all prior GitLab CE/EE versions up to 13.0.1. The connected sources consistently describe a cross-site scripting vulnerability that could execute arbitrary JavaScript in the vulnerable API. The documents do not specify a patched ver...

6.1CVSS5.9AI score0.01531EPSS