421 matches found
CVE-2021-22193
Removed by vendor...
CVE-2021-22188
An issue has been discovered in GitLab affecting all versions starting with 13.0. Confidential issue titles in GitLab were readable by an unauthorised user via branch logs...
Code injection
An issue has been discovered in GitLab affecting all versions starting with 13.0. Confidential issue titles in GitLab were readable by an unauthorised user via branch logs...
CVE-2021-22188
Removed by vendor...
CVE-2020-13335
Improper group membership validation when deleting a user account in GitLab >=7.12 allows a user to delete own account without deleting/transferring their group...
Input validation
Improper group membership validation when deleting a user account in GitLab >=7.12 allows a user to delete own account without deleting/transferring their group...
CVE-2020-13343
An issue has been discovered in GitLab affecting all versions starting from 11.2. Unauthorized Users Can View Custom Project Template...
CVE-2020-13345
Removed by vendor...
CVE-2020-13338
An issue has been discovered in GitLab affecting versions prior to 12.10.13, 13.0.8, 13.1.2. A stored cross-site scripting vulnerability was discovered when editing references...
Cross site scripting
An issue has been discovered in GitLab affecting versions prior to 12.10.13. GitLab was vulnerable to a stored XSS in the Wiki pages...
GitLab Resource Management Error Vulnerability (CNVD-2021-19408)
GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A security vulnerability exists in GitLab 13.0.1 and...
CVE-2020-13270
Missing permission check on fork relation creation in GitLab CE/EE 11.3 and later through 13.0.1 allows guest users to create a fork relation on restricted public projects via API...
CVE-2020-10979
Removed by vendor...
CVE-2020-10089
GitLab 8.11 through 12.8.1 allows a Denial of Service when using several features to recursively request each other,...
CVE-2020-10090
GitLab 11.7 through 12.8.1 allows Information Disclosure. Under certain group conditions, group epic information was unintentionally being disclosed...
CVE-2020-10076
Removed by vendor...
CVE-2020-10085
Removed by vendor...
CVE-2020-8113
GitLab 10.7 and later through 12.7.2 has Incorrect Access Control...
Improper access control
GitLab 10.7 and later through 12.7.2 has Incorrect Access Control...