GitLab < 12.9.8 (CVE-2020-13276)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - User is allowed to set an email as a notification email even without verifying the new email in all previous GitLab CE/EE versions through 13.0.1 CVE-2020-13276 Note that Nessus has not tested for thi...

CVE-2023-2069

An issue has been discovered in GitLab affecting all versions starting from 10.0 before 12.9.8, all versions starting from 12.10 before 12.10.7, all versions starting from 13.0 before 13.0.1. A user with the role of developer could use the import project feature to leak CI/CD variables...