In GitLab before 13.0.12, 13.1.6 and 13.2.3, access grants were not revoked when a user revoked access to an application.
CVSS Score
4.2
EPSS Score
0.003
Published
2020-08-10
GitLab EE 11.3 through 13.1.2 has Incorrect Access Control because of the Maven package upload endpoint.
CVSS Score
5.3
EPSS Score
0.001
Published
2020-07-07
libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring.
CVSS Score
5.3
EPSS Score
0.002
Published
2020-06-15
Page 47