Search CVE reports

Toggle filters

1071 – 1080 of 1537 results

CVE-2020-13281

Medium priority
Not affected

For GitLab before 13.0.12, 13.1.6, 13.2.3 a denial of service exists in the project import feature

1 affected package

gitlab

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
gitlab Not in release Not in release
Show less packages

CVE-2020-13285

Medium priority
Not affected

For GitLab before 13.0.12, 13.1.6, 13.2.3 a cross-site scripting (XSS) vulnerability exists in the issue reference number tooltip.

1 affected package

gitlab

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
gitlab Not in release Not in release
Show less packages

CVE-2020-13283

Medium priority
Not affected

For GitLab before 13.0.12, 13.1.6, 13.2.3 a cross-site scripting vulnerability exists in the issues list via milestone title.

1 affected package

gitlab

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
gitlab Not in release Not in release
Show less packages

CVE-2020-13282

Medium priority
Ignored

For GitLab before 13.0.12, 13.1.6, 13.2.3 after a group transfer occurs, members from a parent group keep their access level on the subgroup leading to improper access.

1 affected package

gitlab

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
gitlab Not in release Not in release Not in release Not in release
Show less packages

CVE-2020-13280

Medium priority
Ignored

For GitLab before 13.0.12, 13.1.6, 13.2.3 a memory exhaustion flaw exists due to excessive logging of an invite email error message.

1 affected package

gitlab

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
gitlab Not in release Not in release Not in release Not in release
Show less packages

CVE-2020-13291

Medium priority
Not affected

In GitLab before 13.2.3, project sharing could temporarily allow too permissive access.

1 affected package

gitlab

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
gitlab Not in release Not in release
Show less packages

CVE-2020-13290

Medium priority
Ignored

In GitLab before 13.0.12, 13.1.6, and 13.2.3, improper access control was used on the Applications page

1 affected package

gitlab

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
gitlab Not in release Not in release Not in release Not in release
Show less packages

CVE-2020-13288

Medium priority
Not affected

In GitLab before 13.0.12, 13.1.6, and 13.2.3, a stored XSS vulnerability exists in the CI/CD Jobs page

1 affected package

gitlab

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
gitlab Not in release Not in release
Show less packages

CVE-2020-13295

Medium priority
Needs evaluation

For GitLab Runner before 13.0.12, 13.1.6, 13.2.3, by replacing dockerd with a malicious server, the Shared Runner is susceptible to SSRF.

1 affected package

gitlab-ci-multi-runner

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
gitlab-ci-multi-runner Not in release Not in release Needs evaluation Needs evaluation
Show less packages

CVE-2020-13294

Medium priority
Ignored

In GitLab before 13.0.12, 13.1.6 and 13.2.3, access grants were not revoked when a user revoked access to an application.

1 affected package

gitlab

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
gitlab Not in release Not in release Not in release Not in release
Show less packages
  1. Previous page
  2. 106
  3. 107
  4. 108
  5. 109
  6. 110
  7. Next page
Export to JSON