CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Gitlab: >> Gitlab >> 13.4.6 Security Vulnerabilities

CVE-2020-26409

A DOS vulnerability exists in Gitlab CE/EE >=10.3, <13.4.7,>=13.5, <13.5.5,>=13.6, <13.6.2 that allows an attacker to trigger uncontrolled resource by bypassing input validation in markdown fields.

CVSS Score

4.3

EPSS Score

0.002

Published

2020-12-11

CVE-2020-26407

A XSS vulnerability exists in Gitlab CE/EE from 12.4 before 13.4.7, 13.5 before 13.5.5, and 13.6 before 13.6.2 that allows an attacker to perform cross-site scripting to other users via importing a malicious project

CVSS Score

5.5

EPSS Score

0.002

Published

2020-12-10

Page 43

Vulnerabilities

Vulnerable Software

Gitlab: >> Gitlab >> 13.4.6 Security Vulnerabilities

Products

Pricing

Contact Us